General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR), is a European privacy law approved by the European Commission in 2016 and will go into effect May 25, 2018. The GDPR is an attempt to give EU citizens and residents control over their personal data. One set of rules for all companies operating and processing data in the EU.

Although we are a Canadian-based company, the provisions of the GDPR apply to any organization that processes personal data of individuals in the European Union, including tracking their online activities, regardless of whether the organization has a physical presence in the EU.

The privacy and protection of your data is a big deal to us, and so is being transparent about how we collect, use, and share information about you. We are committed to working with our customers to answer any questions and address any concerns regarding how we protect their personal data.

Below is an overview of what we have done to meet the new regulation requirements. For more specifics please read our updated Terms of Service and Privacy Policy.

  • We’ve revised our Privacy Policy to be more easily understandable. Using plain language where possible. Our relationship with customers and their data is more clear and concise. We’ve identified when we request data, why we process certain data, how long it’s stored for and who receives it.
  • We’ve ensured, and reiterated in our Privacy Policy, that every customer provides clear consent to process their data and that our services do not address or collect personal information from anyone under the age of 18.
  • From the start we’ve been setup as self-service. We provide all our customers with the ability to access, update, retrieve, export and remove personal data. Additionally, any customer has the right to be forgotten and can request to have their account permanently deleted by emailing
  • We love creating valuable content for our customers and community, but we’ve ensured no emails are ever sent to individuals who haven’t explicitly opted into being contacted. Also, we provide several ways for our customers to opt-out of such communications. Customers and update or turn off email notifications from their account settings. Any marketing related emails can be opted-out of directly from the messages themselves.
  • We’ve revamped our Security section of our Privacy Policy to better explain the safeguards our business has in place to protect your data and how we handle data transfer outside of the European Union.
  • We’ve updated our existing breach management process and communications plan to comply with the GDPR regulations concerning the escalation process and requirements for data subject notification. Basically, we’ve stipulated we will provide notice of any breaches of security or privacy to affected parties via email within 72 hours.

We hope you see value in these changes as we continue to improve your That Clean Life experience and in a way that meets our commitment to defending and protecting your privacy.

If you have any questions, please don’t hesitate to contact us.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us