Introduction
This Data Deletion Policy outlines the procedures and guidelines for deleting personal information collected by our website in accordance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Scope
This policy applies to all personal information collected by our website, regardless of the method or channel of collection. Personal information includes any data that can be used to identify an individual, such as name, address, email address, phone number, IP address, and browsing history.
Data Retention
We will retain personal information only for as long as necessary to fulfill the purpose for which it was collected, or to comply with legal or regulatory obligations. Once the purpose for retention has been fulfilled, personal information will be deleted or anonymized.
Data Deletion Requests
Individuals have the right to request that Agatha delete their personal information. Requests for deletion can be submitted by [method of submission]. Upon receipt of a valid deletion request, we will take the following steps:
- Verify the identity of the individual making the request.
- Locate and identify the personal information of the individual.
- Delete the personal information from all systems and databases.
- Inform the individual that their data has been deleted.
Exceptions to Data Deletion
We may be unable to delete personal information in certain circumstances, such as:
- When the personal information is necessary to comply with a legal or regulatory obligation.
- When the personal information is necessary to protect the vital interests of the individual or another person.
- When the personal information is necessary for public interest reasons.
Data Security
We implements appropriate technical and organizational safeguards to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. These safeguards include the use of encryption, access controls, and data loss prevention measures.
Data Breach Notification
In the event of a data breach that affects personal information, we will notify affected individuals and relevant authorities within 72 hours of becoming aware of the breach. The notification will include information about the nature of the breach, the affected personal information, and the steps being taken to remediate the breach.
Contact Information
For questions or concerns regarding this Data Deletion Policy, please contact our data privacy officer.