GDPR COMPLIANCE AGREEMENT

Last updated: January 7, 2023

Entering cyclingspots.com the website, this GDPR Compliance Agreement (the 'Agreement') is made and entered into by CyclingSpots (the 'Controller'), and you (the 'Data Subject').

The Controller and the Data Subject hereby agree as follows:

Purpose of Processing Personal Data. The Controller will process the Data Subject's personal data for the following purposes:

  • Analytics of website traffic
  • Disclosing identity of authors of published articles & features on cyclingspots.com
  • Publishing of business names with links to help them attract customers to their websites
  • Processing & tracking of payments made through cyclingspots.com

Personal Data to be Processed. The Controller will process the following categories of personal data about the Data Subject:

  • Identity of authors of published articles & features on cyclingspots.com

Legal Basis for Processing Personal Data. The legal basis for the processing of the Data Subject's personal data is Consent, Performance of a Contract, Legitimate Interest, Vital Interest, Legal Requirement, Public Interest.

Data Subject Rights

The Data Subject has the following rights with respect to their personal data:

  • The right to be informed about the processing of their personal data
  • The right of access to their personal data
  • The right to rectification of their personal data
  • The right to erasure of their personal data (the 'right to be forgotten')
  • The right to restrict processing of their personal data
  • The right to data portability
  • The right to object to the processing of their personal data
  • The right not to be subject to automated decision-making, including profiling

The Data Subject may exercise their rights by contacting the Controller at hello@cyclingspots.com.

Data Security

The Controller will implement appropriate technical and organizational measures to protect the Data Subject's personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Data Retention.

The Controller will retain the Data Subject's personal data for a period of 1 (one) year. After this period, the personal data will be securely erased in accordance with data protection laws.

Third Parties.

The Controller may share the Data Subject's personal data with third parties for the purposes set out in this Agreement. The Controller will ensure that any such third parties provide sufficient guarantees with respect to the security and confidentiality of the Data Subject's personal data and will comply with all applicable data protection laws.

Changes to this Agreement. This Agreement may be amended from time to time by the Controller. The Data Subject will be notified of any changes to this Agreement and will be required to agree to any such changes before they take effect.

Governing Law.

This Agreement and the processing of the Data Subject's personal data shall be governed by the laws of France and the European Union.

Contact us

If you have any questions about this GDPR agreement, please contact us