GDPR Policy
GDPR Compliance – Workpedia
Last updated: March 2026
Table of Contents
- Introduction
- Who We Are (Data Controller)
- Our Legal Basis for Processing Data
- Your Rights Under GDPR
- Data We Collect and Why
- Cookies and Consent
- International Data Transfers
- Data Security Measures
- Data Retention
- Third-Party Processors
- Automated Decision-Making
- Children's Data
- Data Breaches
- Supervisory Authority
- Updates to This Page
- Contact Us
Introduction
At Workpedia, we are committed to protecting your personal data and respecting your privacy. This page explains how we comply with the General Data Protection Regulation (GDPR) – the European Union's data protection law – and what rights you have regarding your personal information.
This GDPR Compliance page works alongside our Privacy Policy, Cookie Policy, and Terms and Conditions. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this page applies specifically to you.
We take your privacy seriously and want you to feel confident that your information is handled with care and in accordance with the law.
Who We Are (Data Controller)
Under GDPR, Workpedia is the data controller of your personal information. This means we determine why and how your personal data is processed.
If you have any questions about how we handle your data, please contact us using the information in the Contact Us section below. We aim to respond to all privacy inquiries within 30 days.
Our Legal Basis for Processing Data
Under GDPR, we must have a valid legal basis for processing your personal data. We rely on the following legal bases:
| Processing Activity | Legal Basis | Explanation |
|---|---|---|
| Website operation and security | Legitimate interests | We need to process certain data to keep our website secure and functioning properly. This is in our legitimate interest and does not override your rights. |
| Analytics (Google Analytics) | Consent | We use cookies to understand how visitors use our site. In the EEA/UK, we ask for your consent before placing non-essential cookies. |
| Contact form communications | Consent or Contract | When you contact us, we process your data to respond to your inquiry. This is based on your consent and our legitimate interest in helping you. |
Legitimate Interests Assessment: Where we rely on legitimate interests, we have conducted a balancing test to ensure our interests do not override your fundamental rights and freedoms. Our legitimate interests include:
- Improving and optimizing our website
- Protecting our website from security threats
- Understanding how visitors engage with our content
- Responding to inquiries and providing helpful information
Your Rights Under GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights regarding your personal data:
| Right | What It Means | How to Exercise |
|---|---|---|
| Right to be Informed | You have the right to be informed about the collection and use of your personal data. | This page and our Privacy Policy provide this information. |
| Right of Access | You can request a copy of the personal data we hold about you. | Contact us via email. We will respond within 30 days. |
| Right to Rectification | You can ask us to correct inaccurate or incomplete data. | Contact us with the correct information. |
| Right to Erasure (Right to be Forgotten) | You can request deletion of your personal data, subject to certain conditions. | Contact us. We will delete data unless we have a legal obligation to retain it. |
| Right to Restrict Processing | You can ask us to limit how we use your data. | Contact us with your request. |
| Right to Data Portability | You can request a copy of your data in a machine-readable format. | Contact us. We will provide your data in a commonly used format. |
| Right to Object | You can object to processing based on legitimate interests. | Contact us. We will stop processing unless we have compelling legitimate grounds. |
| Rights Related to Automated Decision-Making | You have rights regarding decisions made solely by automated means. | See Section 11 – we do not use automated decision-making. |
| Right to Withdraw Consent | If we rely on consent, you can withdraw it at any time. | Use cookie settings or contact us. |
These rights are not absolute and may be subject to certain exceptions under applicable law. We will respond to all legitimate requests within 30 days. If your request is complex, we may extend this period by an additional 60 days, but we will notify you if this is the case.
Data We Collect and Why
Under GDPR, we must be transparent about what data we collect and why. Here is a complete breakdown:
| Data Category | Specific Data | Purpose | Legal Basis | Retention Period |
|---|---|---|---|---|
| Usage Data | IP address, browser type, pages visited, time spent, referring website | Analyze site traffic, improve content, understand user behavior | Consent (via cookie banner) | 26 months (Google Analytics default) |
| Cookie Data | Preferences, session information | Site functionality, analytics | Consent (for non-essential cookies) | Varies by cookie type |
| Contact Information | Name, email address, message content | Respond to inquiries, provide information | Consent / Legitimate interests | Until request is resolved + 1 year |
Note: We do NOT collect sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data).
Cookies and Consent
Under the ePrivacy Directive (EU Cookie Law) and GDPR, we must obtain your consent before placing non-essential cookies on your device.
Cookie Consent Mechanism
When you first visit Workpedia from the EEA/UK, you will see a cookie consent banner that:
- Clearly explains we use cookies
- Asks for your consent to place non-essential cookies
- Provides options to accept or reject different cookie categories
- Links to our Cookie Policy for more information
Essential cookies (those necessary for the Site to function) are placed automatically. All other cookies require your explicit consent.
Withdrawing Consent
You can withdraw your consent at any time by:
- Using your browser settings to clear cookies
- Contacting us directly at workpedia2026@gmail.com
For complete details about the cookies we use, please see our Cookie Policy.
International Data Transfers
Workpedia is hosted on servers that may be located outside the European Economic Area, including in the United States. When your data is transferred outside the EEA, we ensure appropriate safeguards are in place.
Safeguards for International Transfers
| Recipient | Location | Safeguard |
|---|---|---|
| Google Analytics | USA and globally | Google is certified under the EU-US Data Privacy Framework and uses Standard Contractual Clauses (SCCs) approved by the European Commission. |
| FormSubmit | Various | FormSubmit processes data in accordance with GDPR requirements. For specific information, please review their privacy policy. |
You can learn more about Google's data transfer safeguards at https://policies.google.com/privacy/frameworks.
By using our Site and providing your data, you acknowledge that your information may be transferred to and processed in countries outside your country of residence, which may have different data protection laws.
Data Security Measures
We take the security of your personal data seriously. Under GDPR, we are required to implement appropriate technical and organizational measures to protect your data. Here's what we do:
Technical Measures
- HTTPS encryption: Our entire Site uses HTTPS, encrypting all data transmitted between your browser and our servers.
- Secure hosting: Our hosting provider implements robust security measures to protect data.
- Limited data collection: We only collect data that is necessary for our purposes.
Organizational Measures
- Access controls: Only necessary personnel have access to personal data.
- Data minimization: We collect only the data we need.
- Breach response plan: We have procedures in place to handle potential data breaches.
While we implement these measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but will do everything reasonably possible to protect your data.
Data Retention
We retain your personal data only as long as necessary for the purposes we collected it, including to satisfy legal, accounting, or reporting requirements.
| Data Type | Retention Period | Reason |
|---|---|---|
| Analytics data | 26 months | Google Analytics default retention period |
| Contact form submissions | 1 year after resolution | To maintain records of communications and improve our responses |
| Email correspondence | As long as needed for the purpose, then deleted | To provide ongoing support if needed |
| Cookie consent records | 1 year | To document consent as required by law |
When we no longer need your data, we will securely delete or anonymize it. If deletion is not possible (for example, because your data is stored in backup archives), we will securely isolate it until deletion is possible.
Third-Party Processors
We work with trusted third-party service providers who process personal data on our behalf. Under GDPR, we have data processing agreements with all such providers to ensure your data is protected.
| Third Party | Service | Data Processed | GDPR Compliance | Privacy Policy |
|---|---|---|---|---|
| Google Analytics | Website analytics | Usage data, IP address (anonymized) | Yes – certified under EU-US DPF | policies.google.com/privacy |
| FormSubmit | Contact form processing | Name, email, message content | Yes – GDPR compliant | formsubmit.co/privacy |
We have reviewed each provider's GDPR compliance and ensured appropriate safeguards are in place. If you would like more information about these third parties, please contact us.
Automated Decision-Making
Under GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Workpedia does NOT engage in any automated decision-making or profiling that produces legal or similarly significant effects.
Any personalization you experience on our Site is based on your explicit choices and does not involve automated decisions that significantly affect you.
Children's Data
Our Site is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information promptly.
Data Breaches
In the event of a personal data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (as required by GDPR Article 33)
- Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms (as required by GDPR Article 34)
- Document all breaches, including facts, effects, and remedial actions taken
To date, Workpedia has not experienced any personal data breaches.
Supervisory Authority
Under GDPR, you have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data properly.
We encourage you to contact us first so we can address your concerns directly. However, you have the right to contact your local data protection authority at any time.
European Data Protection Authorities
- UK (ICO): https://ico.org.uk
- Ireland (DPC): https://www.dataprotection.ie
- Germany (BfDI): https://www.bfdi.bund.de
- France (CNIL): https://www.cnil.fr
- Other EU countries: Find your authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en
Updates to This Page
We may update this GDPR Compliance page from time to time to reflect changes in:
- Our data processing practices
- Legal or regulatory requirements
- Guidance from supervisory authorities
When we make changes, we will revise the "Last updated" date at the top of this page. If the changes are significant, we may provide more prominent notice.
We encourage you to review this page periodically to stay informed about how we protect your data and comply with GDPR.
Contact Us
If you have any questions about this GDPR Compliance page, our data protection practices, or wish to exercise your rights, please contact us:
- Email: workpedia2026@gmail.com (please include "GDPR Request" in the subject line for faster handling)
- Website: www.workpedia.name.ng
- Contact form: Visit our Contact Us page
Response time: We aim to respond within 30 days.
GDPR Compliance Summary
| Requirement | Our Compliance |
|---|---|
| Lawful basis for processing | ✓ Consent, Legitimate Interests |
| Consent mechanism | ✓ Cookie banner with ability to withdraw |
| Data minimization | ✓ We collect only what we need |
| Transparency | ✓ This page + Privacy Policy + Cookie Policy |
| Data subject rights | ✓ We honor all GDPR rights |
| Data security | ✓ HTTPS, access controls, breach procedures |
| International transfers | ✓ Safeguards in place (SCCs, EU-US DPF) |
FOR USERS IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM, AND SWITZERLAND: By using this Site, you acknowledge that we process your personal data in accordance with this GDPR Compliance page and our Privacy Policy.
Workpedia – Your A-Z Guide to Remote Work & Job Success