← Back

GDPR Compliance

Last updated: March 23, 2026

GRANDLINE Company LLC is committed to complying with the General Data Protection Regulation (GDPR) for our customers in the European Economic Area (EEA). This page outlines your rights and how we handle your personal data.

1. Data Controller

GRANDLINE Company LLC acts as the data controller for personal data collected through our website. Contact details:

• Email: info@grandlinecompany.com
• Address: 1209 Mountain Road Pl NE Ste R, Albuquerque, NM 87110, USA

2. Legal Basis for Processing

We process your personal data under the following legal bases:

• Contract Performance: Processing necessary to fulfill your orders and provide our services
• Legitimate Interest: Processing necessary for fraud prevention, website security, and service improvement
• Consent: Processing for marketing communications and non-essential cookies, where you have given explicit consent
• Legal Obligation: Processing required to comply with tax, accounting, and other legal requirements

3. Your GDPR Rights

Under the GDPR, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request that we restrict processing of your personal data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing of your personal data for certain purposes
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

4. International Data Transfers

As a US-based company, your data may be transferred to and processed in the United States. We implement appropriate safeguards to ensure your data is protected in accordance with GDPR requirements, including standard contractual clauses where applicable.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods:

• Order and transaction data: 7 years (tax compliance)
• Account information: Until account deletion request
• Marketing consent records: Until consent is withdrawn
• Website analytics: 26 months

6. Data Protection Officer

For GDPR-related inquiries, please contact us at info@grandlinecompany.com with the subject line "GDPR Request." We will respond to all legitimate requests within 30 days.

7. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority in the EEA.

8. Exercising Your Rights

To exercise any of your GDPR rights, please contact us at info@grandlinecompany.com. We may need to verify your identity before processing your request. We will respond within 30 days of receiving your verified request.