GDPR Information

Last Updated: January 1, 2025

This page provides information about your data protection rights under the General Data Protection Regulation (GDPR) when using Happy Diner Story™: Cooking and our services.

Data Controller Information

The data controller for your personal information is:

Company Name: firstflintype.com
Address: 4521 Biscayne Blvd, Miami, FL 33137, United States
Email: support@firstflintype.com
Data Protection Officer: Available upon request

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you explicitly agree to data processing for specific purposes
• Contract Performance: To provide the game service and fulfill our obligations
• Legitimate Interests: For analytics, security, and service improvement
• Legal Compliance: To comply with applicable laws and regulations
• Vital Interests: To protect health, safety, or prevent fraud

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15)

You have the right to:

• Obtain confirmation that we process your personal data
• Receive a copy of your personal data we hold
• Learn about the purposes, categories, and recipients of your data
• Know the retention period or criteria for determining it
• Understand your other GDPR rights

Right of Rectification (Article 16)

You have the right to:

• Correct inaccurate personal data
• Complete incomplete personal data
• Update your information when it changes

Right of Erasure (Article 17)

You have the right to request deletion of your personal data when:

• The data is no longer necessary for the original purpose
• You withdraw consent and there's no other legal basis
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed
• Erasure is required for legal compliance

Right to Restriction of Processing (Article 18)

You have the right to restrict processing when:

• You contest the accuracy of your personal data
• Processing is unlawful but you prefer restriction to erasure
• We no longer need the data but you need it for legal claims
• You object to processing pending verification of legitimate grounds

Right to Data Portability (Article 20)

You have the right to:

• Receive your personal data in a structured, commonly used format
• Transfer your data to another service provider
• Request direct transmission where technically feasible

Right to Object (Article 21)

You have the right to object to processing based on:

• Legitimate interests (including profiling)
• Direct marketing purposes
• Scientific, historical research, or statistical purposes

Right to Withdraw Consent (Article 7)

Where processing is based on consent, you have the right to:

• Withdraw consent at any time
• Be informed that withdrawal is possible before giving consent
• Have withdrawal be as easy as giving consent

How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

Contact Us Directly

• Primary Contact: support@firstflintype.com
• Alternative: info@firstflintype.com
• Subject Line: Include "GDPR Request" in your email subject

Required Information

When making a request, please provide:

• Your full name and contact information
• Description of the specific right you want to exercise
• Details to help us locate your data (user ID, email address)
• Proof of identity if requested

Response Timeline

We will respond to your request:

• Within 1 month of receiving your request
• Extended to 3 months for complex requests (with explanation)
• Without charge for reasonable requests
• We may charge a fee for excessive or unfounded requests

Cookie Management

You can manage cookies and similar technologies through:

Browser Settings

• Block or delete cookies through browser preferences
• Set preferences for different types of cookies
• Receive notifications before cookies are set

Our Cookie Banner

• Accept or decline non-essential cookies
• Customize your preferences by category
• Change your preferences at any time

Third-Party Tools

• Google Analytics opt-out: tools.google.com/dlpage/gaoptout
• Industry opt-out pages for advertising cookies
• Device-level advertising controls (iOS/Android)

Data Transfers Outside EU

Some of your personal data may be transferred outside the European Union. We ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules where applicable
• Appropriate technical and organizational measures

Automated Decision Making

We may use automated processing for:

• Game difficulty adjustment and personalization
• Fraud detection and security measures
• Content recommendation systems

You have the right to:

• Be informed about automated decision making
• Request human intervention
• Express your point of view
• Contest automated decisions

Data Security Measures

We implement appropriate technical and organizational measures:

Technical Measures

• Encryption of data in transit and at rest
• Access controls and authentication systems
• Regular security monitoring and updates
• Secure hosting and infrastructure

Organizational Measures

• Staff training on data protection
• Regular privacy impact assessments
• Data processing agreements with third parties
• Incident response procedures

Data Breach Notification

In case of a personal data breach that may result in high risk to your rights and freedoms:

• We will notify supervisory authorities within 72 hours
• We will inform affected individuals without undue delay
• We will provide clear information about the breach and mitigation steps

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

EU Data Protection Authorities

Find your local data protection authority at: European Data Protection Board

Lead Supervisory Authority

For cross-border processing, our lead supervisory authority is determined based on our main establishment in the EU or the location of affected data subjects.

Children's Data Protection

For children under 16 years old (or lower age set by member state law):

• Parental consent is required for data processing
• We use reasonable efforts to verify parental consent
• Parents can exercise GDPR rights on behalf of their children
• Special protection applies to children's personal data

Regular Review and Updates

We regularly review our GDPR compliance:

• Annual privacy policy and procedure reviews
• Regular staff training on data protection
• Ongoing assessment of data processing activities
• Updates to reflect changes in law or business practices

Contact Information

For all GDPR-related inquiries:

Primary Contact: support@firstflintype.com
General Information: info@firstflintype.com
Business Contact: contact@firstflintype.com

Postal Address:
SEO Florida Properties, LLC - GDPR Department
4521 Biscayne Blvd
Miami, FL 33137
United States

Response Time: We aim to respond to all GDPR requests within 30 days of receipt.

Additional Resources

For more information about your data protection rights:

• European Data Protection Board: edpb.europa.eu
• Your local data protection authority website
• Our full Privacy Policy: Privacy Policy
• Our Terms of Use: Terms of Use