GDPR
GDPR Policy
1. Scope of Application
This GDPR Policy explains the basic principles we follow when processing personal data during your use of oaknestle (hereinafter “we”) online store.
It applies to all online activities, including website browsing, order placement, payment, order management, and customer communication, and is limited to online service contexts.
2. How We Define Personal Data
Personal data refers to information that can directly or indirectly identify a user during the provision of services.
Such data is primarily used to support order processing, service communication, and the normal operation of the website, and is not collected or used outside of these service contexts.
3. Sources and Methods of Data Collection
In our operations, personal data may be collected through the following channels:
-
Information actively provided by users when placing orders, making inquiries, or contacting customer service
-
Basic technical data generated during website operations, such as access logs and page interaction information
All data collection is based on clearly defined service needs.
4. Legal Basis for Data Processing
We process personal data in accordance with GDPR principles, based on the following legal grounds:
-
Performance of a contract: to fulfill orders, confirm payments, and provide related service support
-
Explicit consent: when users actively choose to allow communication or subscribe to relevant content
-
Compliance with legal obligations: for necessary management, record-keeping, or verification purposes
-
Legitimate interests: to ensure website stability, optimize user experience, and mitigate misuse or abnormal activity
5. Scope and Limitation of Data Use
Personal data is only used for purposes directly related to orders, service support, and website operations.
We do not use personal data for unrelated purposes, nor do we expand usage beyond what is necessary.
6. Data Storage and Security Management
Personal data is stored using appropriate technical and managerial measures to reduce the risk of unauthorized access, disclosure, or misuse.
Data retention periods are assessed based on service requirements and management needs, and data is not retained for unnecessarily long durations.
7. User Rights under GDPR
Where applicable, users may exercise the following rights regarding their personal data:
-
Confirm whether we hold relevant personal data
-
Request access or review of data
-
Request correction of inaccurate information
-
Request deletion of data, where eligible
-
Withdraw previously given consent for data processing
All requests are handled according to the specific circumstances.
8. Data Sharing and Access Control
Personal data is not disclosed or shared arbitrarily.
If data transfer is necessary for service purposes, it follows a data minimization principle and access rights are properly controlled.
9. Policy Updates
This GDPR Policy may be updated as required by service arrangements or management needs.
Updates will be displayed on the website to ensure users have access to the latest information.
10. Contact Us
For any questions regarding this GDPR Policy or our personal data processing practices, please contact us:
Address: 21396 W HUBBELL ST, BUCKEYE, AZ, 85396-2517, US
Customer Service Phone: +1 (928) 216-2103
Customer Service Email: trusthelp@oaknestle.com
Online Hours: Monday to Friday, 9:00–12:00 and 14:30–18:30 (Australia Time)