GDPR Policy

Consumer Thoughts Limited ("we", "us", "our") is committed to compliance with the General Data Protection Regulation (GDPR). This GDPR Policy explains how we process personal data in accordance with GDPR requirements.

Data Controller

Consumer Thoughts Limited is the data controller responsible for your personal data. Our contact details can be found on our Contact Us page.

Lawful Basis for Processing

We process personal data based on the following lawful bases:

• Consent: Provided explicitly by you during signup or other interactions.
• Contract: Necessary to provide services requested by you.
• Legal obligation: Compliance with legal and regulatory requirements.
• Legitimate interests: For purposes such as service improvement and fraud prevention.
• Public interests: Where processing is required for public interest reasons.

Data Subject Rights

Under GDPR, you have the following rights:

• The right to be informed: You have the right to know how your data is collected, used, and stored.
• The right of access: You can request access to your personal data and obtain a copy of the information we hold about you.
• The right to rectification: You can request corrections to your personal data if it is inaccurate or incomplete.
• The right to erasure: You have the right to request deletion of your personal data, subject to certain conditions.
• The right to restrict processing: You can request the restriction or suppression of your personal data under certain circumstances.
• The right to data portability: You can request your personal data in a machine-readable format to transfer it to another organisation.
• The right to object: You can object to the processing of your personal data for certain purposes, including marketing.
• Rights in relation to automated decision-making and profiling: You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

Data Processing Activities

We process personal data for the following purposes:

• Account registration and management.
• Service delivery and customer support.
• Marketing communications (where consent is provided).
• Analytics and performance monitoring using tools like Google Analytics (anonymised data).
• Authentication and secure access via Firebase Authentication (essential cookies).

All data processing activities are performed in compliance with GDPR requirements and applicable laws.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Data retention periods are regularly reviewed to ensure compliance.

Cookies and Third-Party Data Sharing

By using our site, you agree to our use of cookies and similar technologies for essential services and analytics purposes. For more information, please refer to our Cookie Policy.

We will only share your personal data, such as your email address and CV, with third parties if you explicitly consent. During the signup process, you will be able to specify which data you agree to share and with whom.

Data Security

We implement appropriate technical and organisational measures to protect your personal data. This includes secure encryption and access controls. However, no method of transmission or storage is entirely secure, and we cannot guarantee absolute security.

Data Transfers

Where necessary, we may transfer your personal data to third parties located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your data.

Updates to This Policy

We may update this GDPR Policy from time to time to reflect changes in our practices, regulatory requirements, or for other operational or legal reasons. Any changes will be posted on this page, and we recommend checking it periodically.

Contact Us

If you have any questions about this GDPR Policy or your rights, please login to your account and use the contact form, or email us at [email protected].