Data Controller: Thomreonshral · 231 Albert Sabin Way, Cincinnati, OH 45267, USA · Email: askuse@thomreonshral.world · Phone: +1 513-558-6743
1. Introduction
Thomreonshral ("we", "our", "us") operates the website at thomreonshral.world (the "Site"). We are committed to protecting the personal data of all individuals who visit or interact with our Site. This Privacy Policy describes what personal data we collect, why we collect it, how we use it, and the rights you hold in relation to it.
This Policy applies to all users of the Site, including residents of the European Union and the European Economic Area, and has been prepared to comply with Regulation (EU) 2016/679 (the General Data Protection Regulation, "GDPR"), as well as other applicable data protection laws.
2. Data We Collect
2.1 Data you provide directly
When you submit the contact form on our Site, we collect the following personal data:
- Full name
- Email address
- The content of your message
- A record of your GDPR consent
When you subscribe to our newsletter, we collect your email address and a record of your consent.
2.2 Data collected automatically
When you visit our Site, certain technical data may be collected automatically by our hosting provider and through cookies. This may include:
- IP address (anonymised where technically possible)
- Browser type and version
- Operating system
- Pages visited and time spent on each page
- Referring URLs
- Date and time of access
For detailed information on cookies, please refer to our Cookie Policy.
3. Legal Basis for Processing
We process your personal data on the following legal bases:
- Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent, for example when completing the contact form or subscribing to our newsletter, or when accepting non-essential cookies.
- Legitimate interests (Art. 6(1)(f) GDPR): For operating and securing the Site and for basic analytics that help us improve our content. We have balanced these interests against your rights and concluded they do not override your fundamental freedoms.
- Legal obligation (Art. 6(1)(c) GDPR): Where processing is necessary to comply with a legal obligation to which we are subject.
4. Purposes of Processing
| Purpose | Legal Basis | Data Used |
|---|---|---|
| Responding to contact form enquiries | Consent | Name, email, message |
| Sending newsletter communications | Consent | Email address |
| Site security and fraud prevention | Legitimate interests | IP address, access logs |
| Analytics and site improvement | Consent (for non-essential cookies) | Anonymised usage data |
| Compliance with legal obligations | Legal obligation | As required by law |
5. Data Retention
We retain personal data only for as long as necessary for the purposes described in this Policy:
- Contact form data: Retained for a maximum of 24 months from the date of submission, unless an ongoing relationship requires longer retention.
- Newsletter subscriber data: Retained until you unsubscribe, after which it is deleted within 30 days.
- Server logs: Typically retained for 30 to 90 days depending on our hosting provider's standard settings.
- Cookie consent records: Retained for 12 months from the date of consent.
Where data is no longer required, we delete or anonymise it securely.
6. Data Sharing and Third Parties
We do not sell, rent, or trade personal data. We may share limited data with the following categories of service providers, solely to operate and maintain the Site:
- Hosting provider: Our website is hosted on servers operated by a third-party hosting company. They may process technical data (including IP addresses) as part of providing hosting services. They act as a data processor on our behalf.
- Email service provider: Used to send contact form confirmations and newsletter communications, if applicable.
- Analytics provider: If you have consented to analytics cookies, anonymised usage data may be processed by a third-party analytics provider.
All third-party processors are bound by data processing agreements and are required to handle personal data in accordance with applicable law.
7. International Data Transfers
Our business is based in the United States. If you are located in the European Union or European Economic Area, your personal data may be transferred to and processed in the United States. The United States does not have an adequacy decision from the European Commission for all transfer scenarios. Where such transfers occur, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission under Art. 46(2)(c) GDPR, to ensure an adequate level of data protection.
8. Your Rights Under GDPR
If you are located in the EU or EEA, you hold the following rights in relation to your personal data:
- Right of access (Art. 15 GDPR): You may request a copy of the personal data we hold about you.
- Right to rectification (Art. 16 GDPR): You may request that inaccurate or incomplete data be corrected.
- Right to erasure (Art. 17 GDPR): You may request deletion of your personal data where there is no longer a legitimate basis for processing it.
- Right to restriction (Art. 18 GDPR): You may request that processing be restricted in certain circumstances.
- Right to data portability (Art. 20 GDPR): Where processing is based on consent or contract and carried out by automated means, you may receive your data in a structured, machine-readable format.
- Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.
- Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or the place of the alleged infringement.
To exercise any of these rights, please contact us at askuse@thomreonshral.world. We will respond within one month of receiving your request, as required by Art. 12 GDPR.
9. Security
We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include the use of HTTPS for all data transmitted to and from the Site, access controls on systems that hold personal data, and regular review of our security practices.
No method of transmission over the internet is completely secure. While we take reasonable precautions, we cannot guarantee absolute security.
10. Children's Privacy
This Site is not directed at children under the age of 16. We do not knowingly collect personal data from individuals under 16. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it promptly.
11. Links to Other Websites
Our Site does not contain links to external third-party websites. Should any such links be added in the future, this policy will be updated accordingly. We are not responsible for the privacy practices of any third-party sites.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page indicates when the most recent revision was made. Where changes are material, we will take reasonable steps to notify users. We encourage you to review this Policy periodically.
13. Contact and Complaints
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
- Email: askuse@thomreonshral.world
- Phone: +1 513-558-6743
- Postal address: 231 Albert Sabin Way, Cincinnati, OH 45267, USA
If you are based in the EU and are not satisfied with our response, you have the right to lodge a complaint with the relevant national data protection supervisory authority in your country of residence.