KITZ Corporation of America

GDPR PRIVACY NOTICE

Welcome to KITZ Corporation of America's GDPR privacy notice.

KITZ Corporation of America is committed to protecting the privacy and security of your personal data. In accordance with the General Data Protection Regulation 2016/679 (the “GDPR”), this privacy notice aims to give you information on how KITZ Corporation of America processes your personal data through your use of our website and during and after the supply of products or use of any of the services provided by us and our group companies.

1. IDENTIFY OF CONTROLLER (Article 13-1-(a) (e) of the GDPR)

KITZ Corporation of America whose Registered Office is 10750 Corporate Dr, Stafford, TX 77477 USA (collectively referred to as Company, we, us, our in this privacy notice) is the controller and responsible for your personal data. We are required under data protection legislation to notify you of the information contained in this privacy notice.

The identity and the contact details of the controller is:

James Walther, President

KITZ Corporation of America

10750 Corporate Dr,

Stafford, TX 77477 USA

Tel: +1-281-491-7333

URL: http://www.kitzus-kca.com/contact-us.php

2. PURPOSE OF PROCESSING PERSONAL DATA (Article 13-1-(c) (d) of the GDPR)

We use your personal data for some or all of the following purposes and legal basis:

3. DATA TRANSFER (Article 13-1-(f) of the GDPR)

Our website is accessible from overseas so on occasion some personal data may be provided from the EU. We may need to transfer such personal data outside the European Economic Area. Those transfers would always be made in compliance with the GDPR. Any electronic personal data transferred to countries or territories outside the EU will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.

4. DATA RETENTION (Article 13-2-(a) of the GDPR)

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

5. RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION (Article 13-2-(b) of the GDPR)

You have the following rights with respect to your personal data:

• Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).

• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.

• Data portability of your personal data to another party. You have the right to request that we transfer some of your data to another controller. We will comply with your request, where it is feasible to do so.

6. RIGHT TO WITHDRAW CONSENT (Article 13-2-(c) of the GDPR)

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

7. RIGHT TO LODGE A COMPLAINT (Article 13-2-(d) of the GDPR)

You have the right to lodge a complaint at any time to a competent supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority so please contact us in the first instance.

8. PROVISION OF PERSONAL DATA (Article 13-2-(e) of the GDPR)

Your provision of personal data on our website is not a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as you are not obliged to provide the personal data. The failure to provide such data may cause difficulty in communications between you and the Company.

9. AUTOMATED DECISION-MAKING (Article 13-2-(f) of the GDPR)

We will not use personal data for any monitoring or profiling activity or process, and will not adopt any automated decision making processes.