Introduction

AMPED Comics follows and adheres to all current data privacy laws including HIPAA, HITECH, GLBA, and GDPR. The EU General Data Protection Regulation (“GDPR”) became enforceable across the European Union in May 2018 and brings significant changes to data protection law. Based on privacy by design and a risk-based approach, the GDPR is designed to meet the requirements of the digital age.

The 21^st Century brings broader use of technology, new definitions of protected data, and a vast increase in cross-border processing. GDPR aims to standardize data protection laws and processing across the EU, affording individuals stronger, more consistent rights to access and control their personal information. Although not enforced in the U.S. at this time, we use GDPR and other guidance to inform our privacy policies.

We understand that customer data privacy and protection are critical to modern business. We are committed to ensuring our customers’ and partners’ information is protected at all times while in our possession.

AMPED Comics never shares any customer or partner data with third parties except when authorized by the customer/partner or when compelled by law.

Our Commitment

AMPED Comics is committed to ensuring the security and protection of the personal information that we process, and to providing a compliant and consistent approach to data protection. We have a robust data protection program that complies with existing law and the data protection principles, and we continue to update and expand this program to meet the demands of GDPR and other evolving privacy standards and guidelines.

We are dedicated to safeguarding personal information and maintaining an effective, purposeful data protection regime that demonstrates our understanding and appreciation of our customers’ and partners’ privacy. Our preparation and ongoing compliance efforts include developing and implementing roles, policies, procedures, controls, and measures to ensure maximum and sustained compliance.

We Continually Revise our Policy to Maintain Effectiveness

To maintain a consistent level of data protection and security across our organization and ensure compliance, we perform the following:

Information Audit

• We conduct semi-annual, company-wide information audits to identify and assess what personal information we hold, its sources, purposes, processing methods, and disclosures.

Policies & Procedures

• Data Protection: Our core data protection policy and procedures meet GDPR standards. Accountability and governance measures ensure we understand and disseminate obligations, with a dedicated focus on privacy by design and individual rights.
• Data Retention & Erasure: Our retention policy and schedule meet “data minimization” and “storage limitation” principles. We store, archive, and destroy information compliantly and ethically, and we maintain procedures to meet the “Right to Erasure” and other data subject rights, including response timeframes and notification responsibilities.
• Data Breaches: Our breach procedures provide safeguards to identify, assess, investigate, and report personal data breaches at the earliest possible time. Procedures are disseminated to employees with clear reporting lines and steps.
• International Data Transfers & Third-Party Disclosures: Where AMPED Comics stores or transfers information outside the U.S., we apply robust safeguards (including encryption) to maintain integrity. We review adequacy decisions and, where required, implement binding corporate rules, standard contractual clauses, or approved codes of conduct. We perform strict due diligence on all recipients to ensure appropriate safeguards, enforceable data subject rights, and effective legal remedies.

Legal Basis for Processing

• We review processing activities to identify appropriate legal bases and maintain records to meet our obligations.

Privacy Notice/Policy

• We maintain Privacy Notices that explain why we need personal data, how it is used, individuals’ rights, disclosure recipients, and safeguarding measures.

Obtaining Consent

• We maintain clear consent mechanisms so individuals understand what they provide, why, and how we use it. We record affirmative opt-in with time/date and offer easy ways to withdraw consent.

Direct Marketing

• We provide opt-in mechanisms for marketing subscriptions, clear notices, opt-out options, and unsubscribe links on all subsequent materials.

Data Protection Impact Assessments (DPIA)

• For high-risk, large-scale, or special category/criminal conviction data processing, we use procedures and templates that fully comply with applicable requirements.

Processor Agreements

• Where third parties process information on our behalf (e.g., payroll, recruitment, hosting), we execute compliant Processor Agreements and conduct due diligence, including initial and ongoing reviews of necessity, technical and organizational measures, and compliance.

Data Subject Rights

We provide clear information—via our website and in our offices—about individuals’ rights regarding their personal information processed by AMPED Comics. Upon request, individuals may obtain information about:

• What personal data we hold
• The purposes of processing
• The categories of data concerned
• The recipients to whom the personal data has been or will be disclosed
• How long we intend to store the data
• Where not collected directly, information about the data source
• The right to rectify incomplete or inaccurate data and how to request this
• The right to request erasure (where applicable) or restrict processing, to object to direct marketing, and to be informed about any automated decision-making we use

Information Security & Technical and Organisational Measures

AMPED Comics takes the privacy and security of personal information very seriously and applies layered safeguards to protect against unauthorized access, alteration, disclosure, or destruction. Our measures include, but are not limited to:

• SSL/TLS encryption
• Access controls & data restriction
• Password policies
• Two-factor authentication (2FA)
• Secure storage & transmission practices

Roles and Employees

AMPED Comics has a designated Data Protection Officer (DPO) responsible for our compliance roadmap, organizational awareness, readiness assessments, gap identification, and implementation of privacy controls.

We recognize the importance of continuous employee awareness. Privacy training is part of our onboarding and annual training programs.

How to Contact Us

For questions about this policy, to exercise your rights, or to contact our DPO, please reach out:

Note: This Privacy Policy may be updated periodically. Substantive changes will be reflected in the “Last updated” date above.