At Leading Edge, your privacy is a serious matter, and we are committed to the protection of your personal information. Leading Edge Alliance Inc. (hereafter referred to as "we", "us", or "our") does not disclose, trade, share, or sell your personal information to anyone else unless and only to the extent required by applicable law.
Data Controller Information
What Personal Information do we collect?
When you visit our Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as "Device Information".
We collect Device Information using the following technologies:
- "Cookies" are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. Most Web browsers can be set to inform you when a cookie has been sent to you and provide you with the opportunity to refuse that cookie. Additionally, if you have a Flash player installed on your computer, your Flash player can be set to reject or delete Flash cookies. However, refusing a cookie may, in some cases, preclude you from using, or negatively impact the display or function of, the Site or certain areas or features of the Site.
- "Log files" track actions occurring on the Site and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- "Web beacons", "tags", and "pixels" are electronic files used to record information about how you browse the Site.
We may also collect additional personal information that you voluntarily provide to us, such as your name, email address, phone number, and other contact information, when you sign up for our newsletter, submit a contact form, or otherwise interact with our Site.
Purpose and Legal Basis for Processing Personal Information
We process your personal information based on the following legal grounds:
- Consent: When you voluntarily provide us with personal information, such as signing up for our newsletter or submitting a contact form, we process your data based on your consent.
- Legitimate Interests: We process Device Information to improve and optimize our Site, for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns. Additionally, we may process your data to screen for potential risk and fraud.
Data Protection Impact Assessment (DPIA)
In compliance with the GDPR, we may conduct a Data Protection Impact Assessment (DPIA) for any new projects, systems, or processes that involve the processing of personal data and are likely to result in a high risk to the rights and freedoms of individuals. The purpose of a DPIA is to systematically identify and assess privacy risks, implement appropriate measures to mitigate those risks, and ensure the lawful and transparent processing of personal data.
Our DPIA process involves:
- Describing the data processing activity, including its purpose, nature, scope, and context.
- Identifying and assessing potential privacy risks and evaluating their likelihood and impact.
- Consulting with relevant stakeholders, including our Chief Operating Officer (COO), Director of Business Operations, and potentially affected individuals or their representatives.
- Implementing appropriate technical and organizational measures to address the identified risks and minimize their impact on individuals' privacy.
- Documenting the DPIA process, including risk assessment, consultations, and mitigation measures, as evidence of GDPR compliance.
- Regularly reviewing and updating the DPIA to reflect any changes in the data processing activity, technology, or legislation that may affect privacy risks.
If the DPIA identifies residual high risks that cannot be adequately mitigated, we will consult the relevant data protection authority before proceeding with the processing activity.
Data Categories and Recipients
In addition to Device Information, we may collect and process other categories of personal data, such as your name, email address, phone number, and other contact information.
We may share your personal information with third-party service providers and data processors that help us operate our Site, provide our services, and manage our communications. These third parties have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use your information for any other purpose.
If we transfer personal data to countries outside of the EU/EEA, we will ensure that adequate safeguards are in place to protect your data, such as using standard contractual clauses approved by the European Commission or ensuring that the recipient is certified under the EU-US Privacy Shield framework.
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. To determine the appropriate retention period, we consider the nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and the purposes for which we process the data.
Data Subject Rights
Under the GDPR, you have the following rights regarding your personal data:
- The right to access your personal information.
- The right to rectify inaccurate or incomplete information.
- The right to erasure of your personal information (the "right to be forgotten").
- The right to restrict the processing of your personal information.
- The right to object to the processing of your personal information.
- The right to data portability, allowing you to receive your personal information in a structured, commonly used, and machine-readable format.
To exercise any of these rights, please contact us at email@example.com.
Withdrawal of Consent
If you have provided consent for the processing of your personal data, you have the right to withdraw your consent at any time. To withdraw your consent, please contact us at firstname.lastname@example.org.
We do not use automated decision-making or profiling that would have legal or similarly significant effects on you.
If you believe that your data protection rights have been infringed, you have the right to lodge a complaint with a supervisory authority in your country of residence, your place of work, or the place of the alleged infringement.
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include secure servers, firewalls, encryption, and access controls.