Last updated: January 2024
Mierscamia is committed to protecting the privacy and rights of individuals in accordance with the General Data Protection Regulation (GDPR). This page provides information specific to how we handle personal data of individuals in the European Economic Area (EEA) and the United Kingdom.
For the purposes of the GDPR, Mierscamia is the data controller responsible for your personal data. Our contact details are:
Mierscamia
245 King Street West, Suite 400
Toronto, ON M5V 1J2
Canada
Email: [email protected]
We process your personal data based on the following legal grounds:
As a data subject under the GDPR, you have the following rights:
Right of Access: You have the right to request a copy of the personal data we hold about you, along with information about how we use it.
Right to Rectification: You have the right to request that we correct any personal data that is inaccurate or complete any data that is incomplete.
Right to Erasure: You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
Right to Restriction: You have the right to request that we limit the processing of your personal data in certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
As we are based in Canada, your personal data may be transferred to and processed in Canada. Canada has been recognized by the European Commission as providing an adequate level of data protection. Where data is transferred to other countries, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. When determining retention periods, we consider:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.
We do not engage in automated decision-making, including profiling, that produces legal effects or similarly significantly affects you.
To exercise any of your rights under the GDPR, please contact us at [email protected]. We will respond to your request within one month of receipt. In certain circumstances, we may extend this period by two further months, in which case we will inform you of the extension and the reasons for it.
If you believe that we have not complied with your data protection rights, you have the right to lodge a complaint with a supervisory authority. For individuals in the EEA, you may contact your local data protection authority. For individuals in the UK, you may contact the Information Commissioner's Office (ICO).
We may update this GDPR compliance notice from time to time. Any changes will be posted on this page with an updated revision date.