Your GDPR Rights

Last Updated: January 2025

1. Introduction to GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on 25 May 2018 throughout the European Union. It gives individuals greater control over their personal data and places obligations on organisations that process personal information.

At floviran.com, we are fully committed to complying with GDPR and protecting your rights as a data subject.

2. Data Controller Information

The data controller responsible for your personal information is:

floviran.com
142 Rathmines Road
Portlaoise, Co. Laois
Ireland

Contact Email: support@floviran.com
General Enquiries: info@floviran.com
Data Protection Queries: contact@floviran.com

3. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

3.1 Right to Be Informed

You have the right to be informed about the collection and use of your personal data. This information is provided through our Privacy Policy and this GDPR Rights page.

We will tell you:

  • What personal data we collect
  • Why we collect it
  • How we use it
  • Who we share it with
  • How long we keep it
  • Your rights regarding your data

3.2 Right of Access

You have the right to access your personal data and receive a copy of the information we hold about you. This is commonly known as a "subject access request."

When you make an access request, we will provide:

  • Confirmation that we are processing your personal data
  • A copy of your personal data
  • Information about how we process your data
  • The purposes of the processing
  • The categories of personal data concerned
  • The recipients or categories of recipients
  • The retention period
  • Your rights to rectification, erasure, or restriction
  • Your right to lodge a complaint with a supervisory authority

We will respond to your request within one month. In complex cases, we may extend this by two months and will inform you of the extension.

3.3 Right to Rectification

You have the right to have inaccurate personal data corrected or completed if it is incomplete. We will make the correction within one month of your request.

To request a correction, contact us with:

  • Details of the inaccurate information
  • The correct information
  • Supporting evidence (if applicable)

We will inform any third parties with whom we have shared your data about the rectification.

3.4 Right to Erasure (Right to be Forgotten)

You have the right to request the deletion of your personal data in certain circumstances:

  • The personal data is no longer necessary for the purpose it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to the processing and there are no overriding legitimate grounds
  • The personal data has been unlawfully processed
  • The personal data must be erased to comply with a legal obligation
  • The personal data was collected in relation to information society services offered to a child

We will respond to your erasure request within one month. However, we may refuse your request if we have a legal obligation to retain the data or if the data is needed for legal claims.

3.5 Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data in certain situations:

  • You contest the accuracy of the personal data (restriction applies while we verify accuracy)
  • The processing is unlawful, but you do not want the data erased
  • We no longer need the data, but you need it for legal claims
  • You have objected to processing (restriction applies while we verify our legitimate grounds)

When processing is restricted, we may store the data but not use it without your consent, except for legal claims, protecting another person's rights, or for important public interest reasons.

3.6 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data directly to another controller where technically feasible.

This right applies when:

  • The processing is based on consent or contract
  • The processing is carried out by automated means

We will provide your data in CSV or JSON format. The data will include information you provided to us, but not derived or inferred data.

3.7 Right to Object

You have the right to object to the processing of your personal data in certain circumstances:

  • Processing based on legitimate interests or public interest
  • Direct marketing (including profiling)
  • Processing for scientific, historical research, or statistical purposes

For direct marketing, we will stop processing your data immediately upon receiving your objection. For other types of processing, we will stop unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or for legal claims.

3.8 Rights Related to Automated Decision-Making and Profiling

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

Currently, we do not use automated decision-making or profiling that would significantly affect you. If this changes, we will inform you and provide information about the logic involved and the significance of such processing.

4. How to Exercise Your Rights

4.1 Making a Request

To exercise any of your GDPR rights, please contact us at:

Email: support@floviran.com

In your request, please include:

  • Your full name
  • Your email address
  • A description of the right you wish to exercise
  • Any relevant details or information
  • Proof of identity (if required)

4.2 Verification Process

To protect your privacy and security, we may need to verify your identity before processing your request. We may ask for:

  • Government-issued identification
  • Proof of address
  • Answers to security questions

4.3 Response Time

We will respond to your request within one month of receiving it. In complex cases or if we receive multiple requests from you, we may extend this period by two months. We will inform you of any extension within one month of receiving your request.

4.4 Free of Charge

We will process your requests free of charge. However, if your requests are manifestly unfounded or excessive (particularly if they are repetitive), we may:

  • Charge a reasonable fee based on administrative costs
  • Refuse to act on the request

5. Consent Management

5.1 Withdrawing Consent

Where we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You can withdraw consent by:

  • Clicking the unsubscribe link in marketing emails
  • Adjusting your cookie preferences
  • Contacting us at support@floviran.com
  • Managing your account settings (if applicable)

5.2 Cookie Consent

You can manage your cookie preferences at any time through our cookie consent banner or your browser settings. To withdraw cookie consent:

  • Clear your browser cookies
  • Adjust cookie settings in our cookie banner
  • Use browser privacy settings to block cookies

6. Data Protection Principles

We process your personal data in accordance with the following GDPR principles:

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose Limitation: We collect data for specified, explicit, and legitimate purposes
  • Data Minimisation: We collect only the data that is adequate, relevant, and necessary
  • Accuracy: We keep personal data accurate and up to date
  • Storage Limitation: We retain data only as long as necessary
  • Integrity and Confidentiality: We process data securely using appropriate technical and organisational measures
  • Accountability: We are responsible for and can demonstrate compliance with these principles

7. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: You have given explicit consent for processing for specific purposes
  • Contract: Processing is necessary for a contract with you
  • Legal Obligation: Processing is necessary to comply with legal obligations
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, except where overridden by your interests or fundamental rights

8. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules
  • Approved certification mechanisms

You have the right to obtain information about the safeguards we use for international transfers.

9. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
  • Notify you without undue delay if the breach is likely to result in a high risk to your rights and freedoms
  • Provide information about the nature of the breach, its likely consequences, and the measures taken to address it

10. Children's Privacy

We do not knowingly collect or process personal data from children under 16 years of age without parental consent. If we become aware that we have collected data from a child without proper consent, we will delete it promptly.

Parents or guardians can:

  • Review their child's personal data
  • Request deletion of their child's data
  • Refuse further collection or use of their child's data

11. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights.

In Ireland, the supervisory authority is:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

Phone: +353 (0)761 104 800
Email: info@dataprotection.ie
Website: www.dataprotection.ie

You can also contact the supervisory authority in your country of residence or place of work.

12. Retention Periods

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact Form Submissions: 2 years from submission
  • Newsletter Subscriptions: Until you unsubscribe
  • Website Analytics: 26 months
  • Cookie Data: As specified in cookie settings (typically 12 months)
  • Legal and Accounting Records: As required by law (typically 7 years)

After the retention period expires, we will securely delete or anonymise your personal data.

13. Security Measures

We implement appropriate technical and organisational measures to protect your personal data:

  • Encryption of data in transit (SSL/TLS)
  • Encryption of data at rest
  • Access controls and authentication
  • Regular security assessments and audits
  • Employee training on data protection
  • Incident response and breach notification procedures
  • Regular backups and disaster recovery plans
  • Secure data disposal procedures

14. Third-Party Processors

We may share your personal data with third-party processors who provide services on our behalf. These processors are contractually obligated to:

  • Process data only on our instructions
  • Implement appropriate security measures
  • Maintain confidentiality
  • Assist with data subject requests
  • Notify us of any data breaches
  • Delete or return data when services end

15. Marketing Communications

We will only send you marketing communications if:

  • You have given explicit consent
  • You are an existing customer and the marketing relates to similar products or services

You can opt out of marketing communications at any time by:

  • Clicking the unsubscribe link in emails
  • Contacting us at support@floviran.com
  • Updating your preferences in your account

16. Updates to This Information

We may update this GDPR Rights page from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated information on our website
  • Updating the "Last Updated" date
  • Sending email notifications for material changes

17. Contact Us

If you have any questions about your GDPR rights or our data protection practices, please contact us:

Email:
Support and Data Protection Queries: support@floviran.com
General Enquiries: info@floviran.com
Business Contact: contact@floviran.com

Postal Address:
floviran.com
142 Rathmines Road
Portlaoise, Co. Laois
Ireland

We aim to respond to all enquiries within 48 hours and will resolve your request within one month.

18. Additional Resources

For more information about GDPR and your rights, visit:

  • Irish Data Protection Commission: www.dataprotection.ie
  • European Commission GDPR Portal: ec.europa.eu/info/law/law-topic/data-protection
  • Your Rights Under GDPR: www.dataprotection.ie/en/individuals