General Data Protection Regulation (GDPR) Compliance

Last Updated: June 14, 2024

Introduction

Bloompath is committed to protecting your personal data and respecting your privacy rights. This GDPR Compliance Notice explains how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation.

Data Controller

Bloompath operates the website bloompath.sbs and is the data controller responsible for your personal data.

Contact details:

• Email: info@bloompath.sbs
• Phone: +16135428400
• Address: 60 Merchant Dr, Mount Pearl, NL A1N 5J5, Canada

Personal Data We Collect

We may collect and process the following categories of personal data:

Information You Provide

• Name and contact information
• Email address and phone number
• Account credentials
• Payment and billing information
• Course enrollment and progress data
• Communications you send to us

Information Collected Automatically

• Device information and IP address
• Browser type and version
• Usage data and interaction patterns
• Cookies and similar tracking technologies
• Access times and referring website addresses

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide educational services you have requested
• Consent: Where you have given explicit consent for specific processing activities
• Legitimate Interests: For business operations, security, and service improvement
• Legal Obligation: To comply with applicable laws and regulations

How We Use Your Personal Data

We use your personal data for the following purposes:

• Providing access to masterclass content and educational materials
• Processing enrollment and managing your account
• Communicating about courses, updates, and support
• Processing payments and maintaining transaction records
• Improving our platform and personalizing your experience
• Sending promotional materials where you have consented
• Ensuring platform security and preventing fraud
• Complying with legal and regulatory requirements

Data Sharing and Disclosure

We may share your personal data with:

• Service providers who assist in platform operations
• Payment processors for transaction handling
• Analytics providers to understand platform usage
• Professional advisors including lawyers and accountants
• Law enforcement or regulatory bodies when legally required

We do not sell your personal data to third parties.

International Data Transfers

Your personal data may be transferred to and processed in countries outside your jurisdiction. When we transfer data internationally, we ensure appropriate safeguards are in place through:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions recognizing equivalent data protection
• Other legally approved transfer mechanisms

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this notice:

• Account data: Duration of active account plus required retention period
• Transaction records: As required by applicable financial regulations
• Communications: Until the purpose is fulfilled or you request deletion
• Marketing data: Until you withdraw consent or request removal

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You can request copies of your personal data we hold.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request limitation on how we use your personal data.

Right to Data Portability

You can request transfer of your data in a structured, commonly used format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

Right to Lodge a Complaint

You can file a complaint with your local data protection authority.

Exercising Your Rights

To exercise any of these rights, contact us at:

• Email: info@bloompath.sbs
• Phone: +16135428400

We will respond to your request within one month. If your request is complex or numerous, we may extend this period by two additional months with notification.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Access controls and authentication systems
• Regular security assessments and updates
• Staff training on data protection practices
• Incident response and breach notification procedures

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance platform functionality. You can control cookie preferences through your browser settings. Some features may not function properly if cookies are disabled.

Automated Decision Making

We do not use automated decision making or profiling that produces legal or similarly significant effects without human intervention.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the information promptly.

Changes to This Notice

We may update this GDPR Compliance Notice periodically. Changes become effective when posted on this page. We encourage you to review this notice regularly. The last updated date appears at the top of this document.

Data Protection Officer

For questions about data protection practices or this notice, contact our data protection team at info@bloompath.sbs.

Contact Information

For any questions, concerns, or requests regarding your personal data:

Bloompath
60 Merchant Dr, Mount Pearl, NL A1N 5J5, Canada
Email: info@bloompath.sbs
Phone: +16135428400