GDPR Compliance

Last Updated: January 15, 2026

weasel-zone is committed to protecting the privacy and security of your personal data. This page explains how we comply with the General Data Protection Regulation (GDPR) for our clients in the European Economic Area (EEA) and United Kingdom.

Data Controller

weasel-zone acts as the data controller for personal information collected through our website and services. Our contact details are:

weasel-zone
847 Richmond Street West
Toronto, ON M6J 1C9
Canada
Email: [email protected]

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you submit inquiries or sign up for our services, you consent to our processing of your data for the stated purposes.
• Contract: Processing is necessary to fulfill our contractual obligations when you book our photography services.
• Legitimate Interests: We may process data for our legitimate business interests, such as improving our services, provided these do not override your rights.
• Legal Obligations: We process data when required by law.

Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights:

Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this information within 30 days of your request.

Right to Rectification

You have the right to request that we correct any inaccurate personal data or complete any incomplete data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, including when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

International Data Transfers

As we are based in Canada, your personal data may be transferred to and processed in Canada. Canada has been recognized by the European Commission as providing adequate protection for personal data.

We ensure that any transfers of personal data outside the EEA are protected by appropriate safeguards, including standard contractual clauses approved by the European Commission.

Data Protection Officer

While we are not required to appoint a Data Protection Officer, we have designated a privacy contact who can address any questions or concerns about our data processing practices:

Email: [email protected]

Supervisory Authority

If you are located in the EEA or UK and believe that we have not complied with data protection laws, you have the right to lodge a complaint with your local supervisory authority.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us at:

Email: [email protected]
Subject Line: GDPR Request - [Your Request Type]

We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.

Updates to This Notice

We may update this GDPR notice from time to time to reflect changes in our practices or legal requirements. We will post any changes on this page and update the "Last Updated" date.