GDPR Policy – GoldenStayCA

GoldenStayCA complies with the General Data Protection Regulation (GDPR) for all data processed relating to EU residents.

1. Lawful Basis

We collect and process personal data based on consent, contract necessity, legal obligations, and legitimate interests.

2. Data Categories

Collected data includes names, contact details, health records, payment information, and service usage data.

3. Rights of Data Subjects

EU residents have the right to access, rectify, erase, or restrict processing of their personal data, and to object or request portability.

4. International Transfers

Where data is transferred outside the EU, we ensure appropriate safeguards such as standard contractual clauses are in place.

5. Data Security

We use encryption, secure servers, and access controls to protect all personal data from loss, misuse, or unauthorized access.

6. Data Retention

Personal data is retained only as long as necessary to fulfill the purpose of collection or as required by law.

7. Data Processors

We may engage GDPR-compliant data processors for specific services such as hosting or analytics, under strict agreements.

8. Complaints

If you believe your data rights have been violated, you may file a complaint with your local supervisory authority or with us directly.

9. Contact

For GDPR-related concerns, please contact us at: gdpr@goldenstayca.com