GDPR Compliance

Last updated: June 15, 2026

sleek-geyser is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page outlines how we handle your personal data in accordance with GDPR requirements.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for specific purposes
• Contractual necessity: To fulfill our obligations when you book our services
• Legitimate interests: To improve our services and communicate with you
• Legal obligations: To comply with applicable laws and regulations

Your Rights Under GDPR

As a data subject, you have the following rights:

• Right to access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data (right to be forgotten)
• Right to restrict processing: Request limitation of how we use your data
• Right to data portability: Receive your data in a structured, commonly used format
• Right to object: Object to processing of your personal data
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Active customer data: retained while you use our services
• Booking records: retained for 7 years for legal and accounting purposes
• Marketing communications: until you unsubscribe or withdraw consent

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. We ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

Data Protection Officer

For questions regarding our data protection practices or to exercise your GDPR rights, please contact us at [email protected]

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.

Data Security Measures

We implement appropriate technical and organizational measures including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month.

Complaints

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority.