GDPR & Data Protection Compliance

1. GDPR Overview

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations that process personal data of EU residents. GDPR establishes strict rules about how personal data must be collected, processed, stored, and protected.

2. Our GDPR Commitments

We are committed to the following GDPR principles:

• Lawfulness, Fairness & Transparency: We process data based on lawful grounds and inform you about our practices
• Purpose Limitation: We collect data only for specified, explicit purposes
• Data Minimization: We collect only the minimum data necessary
• Accuracy: We maintain accurate and up-to-date information
• Storage Limitation: We retain data only as long as necessary
• Integrity & Confidentiality: We protect data with appropriate security measures
• Accountability: We can demonstrate our compliance with GDPR requirements

3. Legal Basis for Processing

Under GDPR, we process your personal data based on one or more of the following legal grounds:

• Consent: You have explicitly consented to the processing
• Contract: Processing is necessary to perform a contract with you
• Legal Obligation: We are required to process data by law
• Vital Interests: Processing is necessary to protect your vital interests
• Public Task: Processing is necessary for a public interest task
• Legitimate Interests: We have legitimate business interests that do not override your rights

4. Your GDPR Rights

Under GDPR, you have the following rights:

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please submit a written request to our Data Protection Officer using the contact information below. We will respond to your request within 30 days (which may be extended by two months for complex requests). We may ask for verification of your identity before processing your request.

6. Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing our GDPR compliance:

• Email: info@nccpllc.cc
• Phone: +1 (845) 904-7626

7. International Data Transfers

If your personal data is transferred outside the EU/EEA, we ensure adequate safeguards are in place. We use appropriate mechanisms such as Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms to protect your data.

8. Data Processing Agreements

When we work with third-party processors, we enter into Data Processing Agreements (DPAs) that ensure they comply with GDPR requirements and provide adequate safeguards for your personal data.

9. Data Breaches

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you without undue delay (and in any case, within 72 hours of becoming aware of the breach). We will provide information about the breach and recommend steps you can take to protect yourself.

10. Children's Data Protection

Our services are not directed to children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will delete such data promptly. In some EU countries, the age threshold may be higher.

11. Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your GDPR rights. Each EU/EEA country has a dedicated data protection authority.

12. Contact Us for GDPR-Related Inquiries

For questions about our GDPR compliance or to exercise your rights:

• Email: info@nccpllc.cc
• Phone: +1 (845) 904-7626
• Address: 102 GOLD AVE SW, ALBUQUERQUE, NM 87102