GDPR Compliance

Last Updated: April 28, 2026

Our Commitment to Data Protection

NrryaChro Man is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This page outlines how we handle your personal data in accordance with GDPR requirements.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract: When processing is necessary to fulfill our services
  • Legitimate Interest: When we have a legitimate business interest that doesn't override your rights
  • Legal Obligation: When required by law

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restriction

You can request that we restrict processing of your personal data.

Right to Data Portability

You can request transfer of your data to another service provider.

Right to Object

You can object to processing of your personal data for specific purposes.

Right to Withdraw Consent

You can withdraw consent at any time where we rely on consent as the legal basis.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Service delivery and customer support
  • Legal and regulatory compliance
  • Dispute resolution

When data is no longer needed, it is securely deleted or anonymized.

Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Employee training on data protection

International Data Transfers

If we transfer your data outside Canada or the European Economic Area, we ensure appropriate safeguards are in place to protect your information in accordance with GDPR requirements.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours as required by GDPR.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Address: 847 King Street West, Toronto, ON M5V 1P2, Canada

We will respond to your request within 30 days.

Complaints

If you believe we have not handled your data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority.