User Rights Policy


FBG Holding LLC. (referred to as “Company”, “we”, or “us”) respects the privacy rights of individuals and is committed to providing them with the opportunity to exercise their rights regarding their Personal Data, subject to applicable law requirements.

This User Rights Policy (or “Policy”) provides an overview of your rights under the European Union General Data Protection Regulation (GDPR) regarding your Personal Data.

Data Subject Request Forms

Please note that any Data Subject Request Forms (defined below) submitted to us will be processed by us in our capacity as a “Data Controller”.


  1. Right of Access and Data Portability

You have the right to request us to confirm whether we process certain Personal Data related to you and to obtain a copy of such Personal Data, along with additional information regarding how and why we use it. The GDPR enables access to all Personal Data processed by the controller. After we receive such a request, we will analyze and determine the veracity and appropriateness of the access request and provide you with the applicable confirmation of processing, a copy of the Personal Data, or a description of the Personal Data and categories of data processed, the purpose for which such data is being held and processed, and details about the source of the Personal Data that was not provided by you.

  1. Right to Erasure

The Company is legally obligated to comply with a request to delete Personal Data if:

  • The data is no longer needed for the original purpose and there is no new lawful reason to keep it.
  • The lawful basis for processing the data is consent, and the data subject withdraws their consent.
  • The data subject exercises their right to object to the Company’s processing of their Personal Data, and the Company has no overriding reason to continue processing the data.
  • The Personal Data is processed unlawfully.
  • Erasing the Personal Data is necessary to comply with applicable laws.
  • The Company has passed on Personal Data to a third party, the data subject also has the right to oblige the Company to tell those third parties that the information should be erased.

The right to erasure is not absolute. Even if a data subject meets one of the criteria listed above, the Company is entitled to reject the data subject’s request and continue processing the data, subject to applicable law, if such processing is:

  • Necessary to comply with legal obligations.
  • Necessary to establish, exercise, or defend legal claims.
  • Necessary for scientific research, etc.
  • Necessary to perform a contract between you and us.
  • Necessary to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity.
  • Necessary to debug, to identify and repair errors that impair existing intended functionality.
  • To enable solely internal uses that are reasonably aligned with your expectations based on our relationship with you.


Lawful basis: The legal foundation or justification.

Legitimate interests: Valid concerns or valid reasons.

Processing: The handling or management of personal data.

Direct marketing: Targeted advertising or promotional activities aimed at individuals.

Override: Take precedence over or have more importance than.

Establish, exercise or defend: Create, utilize, or protect in a legal context, such as in a lawsuit.



Company’s details: Information about the business, including its name and address.

Fair and transparent processing: Ethical and clear handling of personal data, ensuring individuals understand why and how it’s processed.

Privacy policy: A document outlining an organization’s practices regarding personal data.

Categories of Personal Information: Different types or groups of personal data.

Updated every 12 months: Revised annually to reflect current practices.



Personal Data: Information that identifies an individual.

Correct: Ensure accuracy.

Data subject: The person to whom the data relates.

Update: Revise or modify.

Passed on incorrect information: Shared inaccurate data.

Third party: An external entity or organization.



Personal Data: Information related to an individual.

Not accurate: Incorrect or erroneous.

Update: Correct or amend.

Passed on incorrect information: Shared inaccurate data.

Third party: An external entity or organization.



Data subject: The individual to whom the data belongs.

Limit: Restrict or control.

Contested: Challenged or disputed.

Unlawful: Against the law or illegal.

Erasure: Deletion or removal.

Overriding grounds: More important reasons in a specific context.



Personal Data: Information about an individual.

Third-party entity: An external organization or party.

Send or “port”: Transfer or move.

Held by us: Maintained or stored by our organization.



Verifiable consumer request: A request that can be confirmed as legitimate.

GDPR: General Data Protection Regulation, a European Union law on data protection.

Extension period: Additional time.

Format: Structure or arrangement.

Readily useable: Easily usable.

Transmit: Send or transfer.

Entity: An organization or party.

This Policy applies solely to your rights concerning Personal Data processed by us.


Solely: Only or exclusively.

Personal Data: Information about an individual.

Processed by us: Handled by our organization.


Filling in the Data Subject Request Form: Completing the designated form for requests.

Emailing us at: [email protected]: Sending an email to the specified address for requests.