GDPR Compliance

Last updated: June 24, 2026

Our Commitment to Data Protection

While Alpine Orchard operates primarily in Canada, we recognize the importance of protecting personal data according to international standards, including the General Data Protection Regulation (GDPR) for visitors and clients from the European Union.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Contract Performance: When you request our services, we process your information to fulfill that service agreement
• Legitimate Interest: We use minimal data for business operations and service improvement
• Consent: For marketing communications, we obtain explicit consent before contacting you

Data Controller Information

Alpine Orchard acts as the data controller for personal information collected through this website and during service provision.

Contact: [email protected]

Your Rights Under GDPR

If you are a resident of the European Union or European Economic Area, you have specific rights regarding your personal data:

Right to Access

You may request a copy of all personal data we hold about you. We will provide this information in a structured, commonly used format within 30 days of your request.

Right to Rectification

If any personal information we hold is inaccurate or incomplete, you have the right to request corrections.

Right to Erasure

You may request deletion of your personal data when it is no longer necessary for the purposes it was collected, or when you withdraw consent.

Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a portable format and transmit it to another service provider.

Right to Object

You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects concerning you.

Data Retention

We retain personal data only for as long as necessary to provide services and comply with legal obligations:

• Service inquiry data: Retained for 2 years after last contact
• Client service records: Retained for 7 years for business and tax purposes
• Website analytics: Anonymized after 14 months

International Data Transfers

Your data is processed and stored in Canada. While Canada is recognized as providing adequate data protection under GDPR, we implement additional safeguards to protect your information during any international transfers.

Data Security Measures

We implement technical and organizational measures to protect your data:

• Encryption of data in transit and at rest
• Access controls limiting who can view personal data
• Regular security assessments and updates
• Staff training on data protection principles

Data Breach Notification

In the event of a data breach that poses risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours of becoming aware of the breach.

Exercising Your Rights

To exercise any of your GDPR rights, contact us at [email protected] with your request. We will respond within 30 days and may request identification to verify your identity before processing the request.

Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

Updates to This Policy

We review this GDPR compliance statement regularly and update it as necessary to reflect changes in our practices or legal requirements.