The GDPR policies that went into effect on May 25th 2018 had no impact on the services provided by ShoeSize.Me. ShoeSize.Me had been and continues to function in full compliance with these EU policies.
The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.
The following details ShoSize.Me's data processing standards and their compliance with Article 11 of the GDPR.
The processing of personal data by ShoeSize.Me (= the “controller”) does not require the identification of a data subject (= customer, user, of which we process P&R data) by ShoeSize.Me.
Therefore ShoeSize.Me only accepts data pseudonymised via hashed emails. ShoeSize.Me will reject any data submission which is not pseudonymised via hashed emails.
As per Art. 11 (1) GDPR (see above) ShoeSize.Me is not obliged to maintain, acquire, or process additional information in order to identify the data subject for the sole purpose of complying with the GDPR. Thus ShoeSize.Me can demonstrate that it is not in a position to identify a data subject and as per Art. 11 (2) GDPR in such cases, the following Articles of the GDPR shall not apply:
- Art. 15 – Right of access by the data subject
- Art. 16 – Right of Rectification
- Art. 17 – Right to erasure (‘right to be forgotten’)
- Art. 18 – Right to restriction of processing
- Art. 19 – Notification obligation regarding rectification or erasure of personal data or restriction of processing
- Art. 20 – Right to data portability
To comply with Art. 11 (1) Client provides only pseudonymised data to ShoeSize.Me. To this end ShoeSize.Me only accepts data pseudonymised via hashed emails. ShoeSize.Me will reject any data submission which is not pseudonymised via hashed emails.
Client only provides and ShoeSize.Me only accepts such data, which is required to fulfill the business objectives of ShoeSize.Me. This only includes (a) hashed email, (b) gender, (c) year of birth, (d) foot type, arch type, (e) size of shoe(s) being bought and/or returned, (f) all product details of shoe(s) being bought and/or returned
It is Client’s obligation to ensure that he is authorized to provide such data in pseudonymised form to ShoeSize.Me.
Need help? Contact us at email@example.com