Your GDPR Rights

Right to Access

What it means: You can request a copy of all personal data we hold about you.

What you'll receive:

• All personal information in our systems
• How we use your data
• Who we share it with
• How long we keep it
• Data in a structured, machine-readable format (JSON or CSV)

How to exercise:

• Online: Use the "Download My Data" feature in your account settings
• Email: Send a request to privacy@krownlink.com

Response time:

Within 30 days (may be extended to 60 days for complex requests)

Cost:

Free (first request). Reasonable fee may apply for excessive or repetitive requests.

Right to Rectification

What it means: You can correct inaccurate or incomplete personal data.

What you can update:

• Name, email, phone number
• Profile information
• Business details (for stylists)
• Payment information

How to exercise:

• Online: Update information in your account settings
• Email: Contact support@krownlink.com for assistance

Response time:

Immediate (for self-service updates) or within 30 days (for assisted updates)

Right to Erasure ("Right to be Forgotten")

What it means: You can request deletion of your personal data in certain circumstances.

When this applies:

• The data is no longer necessary for the purpose it was collected
• You withdraw consent and there's no other legal basis
• You object to processing and there are no overriding legitimate grounds
• The data was unlawfully processed
• Legal obligation requires deletion

Exceptions (we may retain data if):

• Required by law (e.g., tax records for 7 years)
• Necessary for legal claims or defense
• Public interest or scientific research purposes

How to exercise:

• Online: Use the "Delete Account" feature in settings
• Email: Request deletion at privacy@krownlink.com

What happens:

• Account deactivated immediately
• Personal data deleted within 30 days
• Some data retained for legal compliance (anonymized where possible)
• Confirmation email sent when complete

Right to Restriction of Processing

What it means: You can request that we limit how we use your data in certain situations.

When this applies:

• You contest the accuracy of the data (while we verify)
• Processing is unlawful but you don't want deletion
• We no longer need the data but you need it for legal claims
• You've objected to processing (pending verification)

What happens:

• Data is stored but not actively processed
• We can still process with your consent or for legal claims
• We notify you before lifting the restriction

How to exercise:

Email privacy@krownlink.com with your request and reason

Right to Data Portability

What it means: You can receive your data in a portable format and transfer it to another service.

What you'll receive:

• Your personal data in JSON or CSV format
• Structured, commonly used, machine-readable format
• Data you provided to us (not derived or inferred data)

Included data:

• Account information
• Profile details
• Booking history
• Reviews you've written
• Messages (where technically feasible)

How to exercise:

• Online: Click "Export Data" in account settings
• Email: Request at privacy@krownlink.com

Response time:

Within 30 days

Right to Object

What it means: You can object to certain types of data processing.

You can object to:

• Direct Marketing: Absolute right to object (we must stop immediately)
• Legitimate Interests: We must stop unless we have compelling legitimate grounds
• Profiling: Automated decision-making based on your data

How to exercise:

• Marketing: Click "Unsubscribe" in any marketing email
• Other Processing: Email privacy@krownlink.com
• Account Settings: Adjust notification preferences

Effect:

• Marketing emails stop immediately
• Other processing stops unless we have overriding legitimate grounds
• You'll receive confirmation of your objection

Right to Withdraw Consent

What it means: Where processing is based on consent, you can withdraw it at any time.

Applies to:

• Marketing communications
• Non-essential cookies
• Precise location tracking
• Optional data collection

How to exercise:

• Marketing: Click "Unsubscribe" in emails
• Cookies: Adjust cookie preferences in footer
• Location: Disable in browser or device settings
• Other: Contact privacy@krownlink.com

Important:

Withdrawing consent doesn't affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

What it means: You can file a complaint with a data protection authority if you believe we've violated your rights.

Supervisory Authorities:

Germany:

Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)
Website: www.bfdi.bund.de
Email: poststelle@bfdi.bund.de
Phone: +49 (0)228 997799-0

Netherlands:

Autoriteit Persoonsgegevens
Website: autoriteitpersoonsgegevens.nl
Email: info@autoriteitpersoonsgegevens.nl
Phone: +31 (0)70 888 8500

Before filing a complaint:

We encourage you to contact us first at privacy@krownlink.com so we can try to resolve the issue directly.