Last Updated: January 15, 2024
macchdistr is committed to protecting the personal data of individuals in the European Economic Area (EEA) and the United Kingdom in accordance with the General Data Protection Regulation (GDPR) and applicable local laws.
macchdistr acts as the data controller for personal data collected through our website and during service delivery. Our contact information:
We process personal data under the following legal bases:
When you submit a contact form or subscribe to communications, you provide consent for us to process your data for the specified purposes. You may withdraw consent at any time by contacting us.
When you engage our services, we process data necessary to fulfill our contractual obligations, including service delivery and communication about your engagement.
We may process data based on legitimate business interests, such as improving our services and website, provided these interests do not override your fundamental rights and freedoms.
We may process data to comply with legal requirements, such as tax reporting or responding to lawful requests from public authorities.
If you are in the EEA or UK, you have the following rights:
You may request a copy of the personal data we hold about you.
You may request correction of inaccurate or incomplete personal data.
You may request deletion of your personal data under certain circumstances, such as when data is no longer necessary for the purposes collected.
You may request restriction of processing under certain circumstances, such as when you contest data accuracy.
You may request to receive your personal data in a structured, commonly used, machine-readable format.
You may object to processing based on legitimate interests, including direct marketing.
You have rights regarding automated decision-making and profiling. We do not currently engage in automated decision-making that produces legal or similarly significant effects.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. We may need to verify your identity before processing your request.
As a Canadian organization, we may transfer personal data from the EEA or UK to Canada. Canada has been recognized by the European Commission as providing an adequate level of data protection. Where we transfer data to other countries, we implement appropriate safeguards such as Standard Contractual Clauses.
We retain personal data only as long as necessary for the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary based on the type of data and purpose of processing.
We implement technical and organizational measures to protect personal data, including:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in high risk to you, we will also notify you directly.
If you believe we have not addressed your concerns satisfactorily, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
For questions about our GDPR compliance or to exercise your rights, contact: