GDPR Compliance

Last updated: May 17, 2025

1. Introduction

At Mad EZ Media, we are committed to protecting the privacy and security of your personal data. This GDPR Compliance Statement explains how we comply with the General Data Protection Regulation (GDPR) and outlines your rights under this regulation.

2. Data Controller

Mad EZ Media is the data controller for personal data collected through our website and services. This means we determine the purposes and means of processing your personal data.

3. Lawful Basis for Processing

We process your personal data on the following lawful bases:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
• Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Where processing is necessary for the purposes of legitimate interests pursued by us or a third party, except where such interests are overridden by your interests, rights, or freedoms.

4. Your Rights Under GDPR

Under the GDPR, you have the following rights:

• Right to Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us using the information provided in the "Contact Us" section below.

5. Data Protection Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data where appropriate
• Regular testing, assessing, and evaluating the effectiveness of technical and organizational measures
• Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
• Measures to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
• Staff training and awareness programs on data protection

6. International Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

7. Data Breach Procedures

In the case of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

8. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this GDPR Compliance Statement. If you have any questions about this statement or how we handle your personal data, please contact our DPO using the information provided in the "Contact Us" section below.

9. Changes to This GDPR Compliance Statement

We may update our GDPR Compliance Statement from time to time. We will notify you of any changes by posting the new statement on this page and updating the "Last updated" date at the top of this statement.

You are advised to review this statement periodically for any changes. Changes to this statement are effective when they are posted on this page.

10. Contact Us

If you have any questions about this GDPR Compliance Statement or our data protection practices, please contact our Data Protection Officer at:

Email: dpo@madezmedia.co
Address: Mad EZ Media, 123 Business Street, Suite 456, New York, NY 10001, USA