GDPR Compliance Information
What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens data protection for individuals within the European Union and governs how organizations collect, process, and store personal data.
Your Rights Under GDPR
Right to Access
You can request a copy of all personal data we hold about you.
Right to Rectification
You can request correction of inaccurate or incomplete personal data.
Right to Erasure
You can request deletion of your personal data ("right to be forgotten").
Right to Portability
You can receive your data in a structured, machine-readable format.
Right to Restriction
You can request that we limit how we process your personal data.
Right to Object
You can object to processing based on legitimate interests or direct marketing.
How We Protect Your Data
Data Minimization
We only collect data that is necessary for providing our service.
Purpose Limitation
Your data is only used for the specific purposes you've consented to.
Storage Limitation
We don't keep your data longer than necessary.
Security by Design
Security measures are built into every aspect of our platform.
Privacy by Default
We use the most privacy-friendly settings by default.
Our Legal Basis for Processing
| Data Type | Legal Basis | Purpose |
|---|---|---|
| Account Information | Contract | Provide platform access and services |
| Payment Information | Contract | Process subscriptions and billing |
| Usage Analytics | Legitimate Interest | Improve service performance and security |
| Marketing Communications | Consent | Send promotional emails and updates |
| Legal Records | Legal Obligation | Comply with tax and business regulations |
Data Breach Response
In the unlikely event of a data breach:
- We will notify the relevant supervisory authority within 72 hours
- Affected individuals will be notified without undue delay
- We will provide clear information about the breach and remedial actions
- We will take immediate steps to secure the data and prevent further breaches
International Data Transfers
When we transfer your data outside the EU/EEA, we ensure adequate protection through:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules where applicable
- Specific safeguards for each transfer
Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data appropriately. You can find your local authority at EDPB.