Golden Ladle Co.
Applies to customers in the European Economic Area (EEA)

This section supplements our Privacy Policy and ensures compliance with the General Data Protection Regulation (GDPR).

1. Data Controller

Golden Ladle Co. is the Data Controller responsible for your personal data.

Contact: support@goldenladleco.com

2. Legal Basis for Processing

We process personal data under the following legal bases:

• Contractual necessity (processing orders)

• Legal obligation (tax and accounting records)

• Legitimate interest (fraud prevention, analytics)

• Consent (marketing emails)

You may withdraw consent at any time.

3. Your GDPR Rights

As an EU resident, you have the right to:

• Access your personal data

• Rectify inaccurate data

• Erase your data (“Right to be Forgotten”)

• Restrict processing

• Data portability

• Object to processing

• Lodge a complaint with a supervisory authority

To exercise your rights, email: support@goldenladleco.com

We will respond within 30 days as required by law.

4. Data Retention

We retain personal data only as long as necessary for:

• Fulfilling contracts

• Legal compliance

• Legitimate business interests

5. Data Transfers Outside the EU

If data is transferred outside the EEA, we ensure appropriate safeguards such as:

• Standard Contractual Clauses (SCCs)

• Approved third-party compliance frameworks

6. Data Security Measures

We implement:

• SSL encryption

• Secure payment gateways

• Limited access controls

• Regular monitoring for vulnerabilities

7. Automated Decision-Making

Golden Ladle Co. does not use automated decision-making or profiling that produces legal effects on customers.