GDPR Compliance
Last updated: 3/3/2025
1. Introduction
This GDPR notice explains how Morocco Blog ("we," "us," or "our") processes personal data in accordance with the General Data Protection Regulation (GDPR). This notice applies to all users of our website from the European Economic Area (EEA).
2. Your Rights Under GDPR
Under GDPR, you have the following rights:
-
Right to Access:
You can request a copy of your personal data that we hold.
-
Right to Rectification:
You can request that we correct any inaccurate or incomplete personal data.
-
Right to Erasure:
You can request that we delete your personal data (the "right to be forgotten").
-
Right to Restrict Processing:
You can request that we limit how we use your personal data.
-
Right to Data Portability:
You can request a copy of your personal data in a machine-readable format.
-
Right to Object:
You can object to our processing of your personal data.
3. Data We Collect
| Data Category | Purpose | Legal Basis |
|---|---|---|
| Contact Information | To respond to inquiries and send newsletters | Consent |
| Usage Data | To improve our website and services | Legitimate Interest |
| Cookie Data | To enhance user experience | Consent/Legitimate Interest |
4. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. The retention periods are:
- Contact form submissions: 2 years
- Newsletter subscriptions: Until unsubscribed
- Account data: Until account deletion
- Usage data: 26 months
5. Data Transfers
We may transfer your personal data to countries outside the EEA. When we do so, we ensure appropriate safeguards are in place, including:
- EU Standard Contractual Clauses
- Privacy Shield certification (where applicable)
- Binding Corporate Rules
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- SSL encryption for all data transfers
- Regular security assessments
- Access controls and authentication
- Data backup and recovery procedures
7. Data Breaches
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
8. Data Protection Officer
While we are not required to have a Data Protection Officer, we have appointed a data protection contact person who can be reached at:
- Email: contact@moroccoblog.net
- Address: [Your Business Address]
9. Exercising Your Rights
To exercise any of your rights under GDPR, please contact us using the information below. We will respond to your request within 30 days.
Contact Information
- Email: contact@moroccoblog.net
- Contact Form: Contact Page
10. Complaints
If you are not satisfied with our response to your request or how we process your personal data, you have the right to lodge a complaint with a supervisory authority in your country of residence.