GDPR Compliance

Last Updated: 2025-11-11

For EU/EEA/UK Residents

The General Data Protection Regulation (GDPR) grants residents of the European Union (EU), European Economic Area (EEA), and United Kingdom (UK) specific rights regarding their personal data.

Alyssa Howard Enterprises, LLC is committed to protecting your privacy and complying with GDPR requirements.

Your GDPR Rights

Under GDPR, you have the following rights:

1. Right to Access

You have the right to request a copy of the personal data we hold about you.

2. Right to Rectification

You can request correction of inaccurate or incomplete personal data.

3. Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data. We will comply within 30 days unless we have a legal obligation to retain it.

4. Right to Restriction

You can request that we limit how we process your data in certain circumstances.

5. Right to Data Portability

You have the right to receive your data in a structured, machine-readable format (JSON or CSV) and transfer it to another service.

6. Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

7. Right to Withdraw Consent

Where processing is based on consent (e.g., marketing emails, analytics cookies), you can withdraw consent at any time.

8. Right to Lodge a Complaint

You have the right to lodge a complaint with your local Data Protection Authority if you believe we have not handled your data properly.

How to Exercise Your Rights

To exercise any of your GDPR rights, contact us at:

Email: privacy@alyssaahoward.com

Subject Line: "GDPR Request - [Your Right]" (e.g., "GDPR Request - Access")

We will respond to your request within 30 days. If your request is complex or we receive multiple requests, we may extend this period by 2 months and will notify you.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide subscription services
  • Consent: Marketing emails, analytics cookies (explicit opt-in required)
  • Legitimate Interests: Platform security, fraud prevention, customer support
  • Legal Obligation: Tax compliance, legal requests, dispute resolution

Data Controller

The data controller responsible for your personal information is:

Alyssa Howard Enterprises, LLC

7901 4th St N, Ste 300
St. Petersburg, FL 33702
United States

International Data Transfers

Our platform operates from the United States. When you use our services from the EU/EEA/UK, your data is transferred to the United States.

GDPR Safeguards in Place:

  • Standard Contractual Clauses (SCCs): We have executed SCCs withSupabase Inc. to ensure lawful EU-US data transfers
  • Data Processing Addendum (DPA): Signed on 2025-11-11
  • GDPR-Compliant Processors: All third-party data processors comply with GDPR requirements

Data Retention

We retain personal data only for as long as necessary:

  • Account Deletion Requests: 30 days
  • Newsletter Unsubscribes: 30 days (suppression list maintained to prevent re-subscription)
  • Activity Logs: 365 days
  • Financial Records: Retained as required by law (typically 7 years for tax purposes)

Cookie Consent

For EU/EEA/UK visitors, we comply with the ePrivacy Directive cookie consent requirements:

  • Default Consent: Analytics and marketing cookies are set to "denied" by default
  • Explicit Opt-In: You must explicitly consent to non-essential cookies
  • Granular Control: You can accept or reject specific cookie categories

For more details, see our Cookie Policy.

Supervisory Authority

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local Data Protection Authority:

Contact Us

For GDPR-related questions or to exercise your rights, contact us:

Alyssa Howard Enterprises, LLC

Privacy Inquiries: privacy@alyssaahoward.com

For comprehensive information about our data practices, see our Privacy Policy.