GDPR
GDPR Statement
The General Data Protection Regulation (GDPR) is a comprehensive European privacy law regulating the processing of personal data belonging to individuals within the European Economic Area (EEA).
At Sakamototo, we process personal data in accordance with the strict standards set by the GDPR. This page outlines the operational frameworks, processing bases, and mechanisms through which you can assert control over your data.
Core Roles: Controller & Processor
Under GDPR definitions, responsibility for data handling is divided:
- Data Controller: Sakamototo is the Data Controller. We determine the purpose for which your personal data is collected, including commission intakes and creative deliverables.
- Data Processor: Fourthwall, Inc. is our platform provider and acts as the Data Processor. They process your transaction details, physical fulfillment details, and billing infrastructure under our explicit instruction.
Legal Bases for Handling Data
We collect and process your information under one or more of the following lawful bases permitted by the GDPR:
- Performance of a Contract: Processing is required to deliver the digital assets, physical apparel, canvas prints, or custom commissioned architectures you purchase.
- Consent: You have given clear consent to process your personal data for a specific purpose, such as subscribing to our newsletter or design updates. You may retract this consent at any time.
- Legal Obligations: Processing is required to satisfy regulatory requirements, such as reporting transactions for tax compliance.
- Legitimate Interests: Processing is necessary for our legitimate business practices, including monitoring for payment fraud, securing site infrastructure, and analyzing web traffic metrics.
Your Data Subject Rights
As an EEA resident, you possess the following rights regarding how we interact with your Personal Data:
- Right of Access: You can request a clear copy of the personal records we hold about you.
- Right to Rectification: You can request that we immediately correct any inaccurate or incomplete personal information.
- Right to Erasure ("The Right to be Forgotten"): You can request that we delete your personal data from our systems, provided the data is no longer necessary for tax audits, contract completion, or legal compliance.
- Right to Restrict Processing: You can request that we pause processing your data under certain conditions.
- Right to Data Portability: You can request that your data be provided in a structured, commonly used, and machine-readable format to transfer to another service.
- Right to Object: You can object to our processing of your personal data where we rely on Legitimate Interests or direct marketing as our legal basis.
International Data Transfers
To complete transaction fulfillments, personal data collected from the EEA is transferred to systems outside of Europe, primarily to servers located in the United States.
Fourthwall utilizes approved transfer mechanisms, such as Standard Contractual Clauses (SCCs), to ensure your personal data receives a level of protection comparable to that within the European Union.
If you wish to access, correct, update, or delete your personal information, please submit your request through our secure communications channel:
Direct Contact Email: contact@sakamototo.pro
Mailing Address: [Add Your Legal Business Name or Mailing Address Here]
We will review and respond to your identity-verified request within 30 days as required by GDPR guidelines.