GDPR & UK GDPR notice

Effective date: May 10, 2026 · Last updated: May 10, 2026

This notice supplements our general Privacy Policy. Unless defined here, capitalized terms match the Privacy Policy.

1. Controller

For personal data covered by this notice, the controller is Digital Media Services LLC, 3103 Ash Court, Dunedin, Florida 34698, United States.

We do not intend to establish an establishment in the EEA or UK solely through this Site; however, where EU or UK law applies to our processing, this notice explains our obligations.

2. Legal bases (Article 6 GDPR / UK GDPR)

Depending on the activity, we rely on one or more of the following:

• Legitimate interests (Art. 6(1)(f)): operating, securing, and improving the Site; measuring aggregated traffic; responding to enquiries; fraud prevention — balanced against your rights.
• Consent (Art. 6(1)(a)): where required for non-essential cookies or similar technologies (e.g., analytics or marketing tags). You may withdraw consent at any time without affecting prior lawful processing.
• Contract (Art. 6(1)(b)): where processing is necessary to take steps at your request before entering an agreement or to perform a contract you have with us (if applicable to a future signed service).
• Legal obligation (Art. 6(1)(c)): where we must retain or disclose data to comply with law.

3. Categories of personal data

Through the Site we may process:

• Technical / usage data: IP address, device and browser type, referring URL, approximate location from IP, timestamps, request logs (often via hosting or CDN).
• Communication data: name, email, phone, or message content if you contact us.
• Analytics identifiers: if you consent to analytics cookies, pseudonymous identifiers assigned by our analytics tools.

4. Purposes

We use personal data to provide the Site, measure aggregate audience size, secure services, troubleshoot abuse, answer requests, and comply with law.

5. Recipients & processors

We use trusted service providers (e.g., hosting, Firebase/Google infrastructure for Site delivery and measurement where enabled). They process data on documented instructions and implement appropriate safeguards. A list of key categories is available on request.

6. International transfers

Your data may be processed in the United States and other countries outside the EEA/UK. Where transfers are not covered by an adequacy decision, we use appropriate safeguards such as the EU Commission Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum / UK IDTA as applicable, together with supplementary measures where required by law.

7. Retention

We retain personal data only as long as necessary for the purposes above, including resolving disputes and satisfying legal, accounting, or reporting requirements. Server logs may be kept for limited periods according to hosting defaults unless a longer period is justified.

8. Your rights

Subject to conditions and exemptions in applicable law, you may have the right to:

• Access your personal data (Art. 15);
• Rectify inaccurate data (Art. 16);
• Erase data (“right to be forgotten”) in certain cases (Art. 17);
• Restrict processing (Art. 18);
• Data portability for data you provided, where processing is automated and based on consent or contract (Art. 20);
• Object to processing based on legitimate interests or for direct marketing (Art. 21);
• Withdraw consent where processing was consent-based, without affecting prior lawful processing;
• Lodge a complaint with a supervisory authority (Art. 77), typically in your habitual residence, place of work, or place of the alleged infringement.

To exercise rights, contact us using the details below. We may need to verify your identity before responding. You may also have rights under local Member State law.

9. Automated decision-making

We do not use the Site to perform solely automated decisions that produce legal or similarly significant effects concerning you.

10. Contact & supervisory authorities

EU/European Data Protection Board listing of supervisory authorities: EDPB members. UK: Information Commissioner’s Office (ICO).

This notice is provided for transparency and does not constitute legal advice. Requirements vary by facts, jurisdiction, and product features — consult qualified counsel for your compliance program.