GDPR Compliance

Last Updated: 6/15/2025Version 1.0

Storytime Africa is committed to protecting the privacy and security of your personal data. This GDPR Compliance page outlines our practices in accordance with the General Data Protection Regulation (GDPR).

1. GDPR Principles

We adhere to the following GDPR principles:

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently.
  • Purpose Limitation: We collect data only for specified, explicit, and legitimate purposes.
  • Data Minimization: We collect only data that is adequate, relevant, and limited to what is necessary.
  • Accuracy: We ensure that personal data is accurate and kept up to date.
  • Storage Limitation: We keep data only for as long as necessary.
  • Integrity and Confidentiality: We protect data using appropriate security measures.
  • Accountability: We are responsible for complying with these principles.

2. Legal Basis for Processing

We process personal data based on the following legal bases:

  • Consent: We obtain your explicit consent to process your data for specific purposes.
  • Contract: We process data to fulfill our contractual obligations to you.
  • Legal Obligation: We process data to comply with legal requirements.
  • Legitimate Interests: We process data for our legitimate interests, provided that your rights are not overridden.

3. Data Subject Rights

Under GDPR, you have the following rights:

  • Right to Access: You can request access to your personal data.
  • Right to Rectification: You can correct inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): You can request the deletion of your data.
  • Right to Restriction of Processing: You can limit how we use your data.
  • Right to Data Portability: You can receive your data in a structured, commonly used format.
  • Right to Object: You can object to the processing of your data.
  • Right not to be subject to Automated Decision-Making: You can object to decisions based solely on automated processing.

4. Exercising Your Rights

To exercise your GDPR rights, please contact us at:

Email: [email protected]

Address: [Your Business Address]

5. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data, such as:

  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Adequacy decisions from the European Commission

6. Data Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Regular security audits and assessments
  • Access controls and authentication
  • Secure data backups

7. Data Retention

We retain your data only for as long as necessary to fulfill the purposes for which it was collected, including legal and regulatory requirements.

8. Contact Information

For GDPR-related inquiries, please contact our Data Protection Officer:

Email: [email protected]

Address: [Your Business Address]

This GDPR Compliance page is effective as of 6/15/2025 and will be reviewed and updated periodically.

© 2025 Storytime Africa. All rights reserved.