GDPR Compliance Statement

Amber Passey,

information professional

Our website is committed to protecting the privacy and personal data of our users. We comply with the General Data Protection Regulation (GDPR) of the European Union, which provides a set of rules for the collection, processing, and storage of personal data.

Lawful basis for processing personal data

We only collect, process, and store personal data for specific and legitimate purposes, as permitted by the GDPR. We ensure that we have a lawful basis for processing personal data, such as:

  • Consent: We obtain your consent before processing your personal data for specific purposes.
  • Contract: We process personal data when it is necessary to fulfill a contract or agreement.
  • Legal obligation: We process personal data when it is necessary to comply with a legal obligation.
  • Legitimate interests: We process personal data when it is necessary for our legitimate interests, such as improving our website and services.

Transparency and accountability

We are transparent about the personal data we collect, process, and store. We provide clear and concise information about the purposes of data processing, the types of personal data we collect, and the legal basis for processing personal data.

We take responsibility for complying with GDPR principles, and we have appointed a Data Protection Officer to oversee our data processing activities.

User rights

We respect the rights of our users under the GDPR. You have the right to:

  • Request access to the personal data we hold about you.
  • Request that we correct any inaccurate or incomplete personal data.
  • Request that we delete your personal data.
  • Object to the processing of your personal data.
  • Withdraw your consent to the processing of your personal data.

We respond promptly to all requests related to user rights.

Data security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction. We regularly review and update our security measures to ensure the ongoing confidentiality, integrity, availability, and resilience of our processing systems and services.

Third-party data processors

We ensure that any third-party data processors we use comply with the GDPR. We have contracts in place with these processors that require them to comply with GDPR principles.

Breach notification

We have procedures in place to detect, report, and investigate personal data breaches. We notify users and authorities promptly if a data breach occurs.

Contact us

If you have any questions or concerns about our GDPR compliance, please contact our Data Protection Officer at

“Creative expression is a huge element of our days.
We are happier and more at peace when we’ve had time to create something.”

— Amber Passey, Mom of 4