GDPR Compliance Information
Although EcoScrap primary business caters to regional green trading, we adhere to the highest global privacy standards. For users navigating our platform from the European Union (EU), we comply strictly with the General Data Protection Regulation (GDPR) guidelines regarding personal data processing.
1. Principles of Data Processing
We collect and process your personal data under the following core principles:
- Lawfulness, Fairness, & Transparency: Data is collected only for clear scrap-listing purposes.
- Purpose Limitation: We gather contact and geographic data strictly to map sellers and buyers.
- Data Minimization: We do not request extraneous financial, personal, or demographic details.
- Accuracy & Security: Users can update outdated details, and accounts are protected by secured token hashes.
2. Your Seven Core GDPR Rights
As an EcoScrap user, you hold complete autonomy over your personal details:
- Right of Access: You can request full copies of all personal identity and listing logs linked to your email.
- Right to Rectification: You can instantly edit and correct incomplete mobile numbers or addresses inside the dashboard.
- Right to Erasure (To Be Forgotten): You can request complete, permanent deletion of your profile, MSME uploads, and scrap posts.
- Right to Data Portability: Request your historical data formatted in readable JSON configurations.
- Right to Object: You can opt-out of automatic location fetching or platform notification triggers.
- Right to Restrict Processing: Ask us to temporarily pause listing displays while you audit profile changes.
- Right to lodge a complaint: File formal grievances with local EU data protection authorities.
3. Data Controller Contact
For all GDPR-related inquiries, access requests, or deletion protocols, contact our designated Data Protection Officer (DPO) at support@ecoscrap.com. All verified requests will be addressed within 30 days without any cost to the user.