GDPR Compliance

The GDPR is a comprehensive data protection law that gives individuals in the European Union greater control over their personal data. As a service provider, we take our GDPR obligations seriously and have implemented measures to ensure compliance.

Your Rights Under GDPR

Under GDPR, you have several rights regarding your personal data. We are committed to facilitating the exercise of these rights in a timely and transparent manner.

• Right to Access. You have the right to request a copy of the personal data we hold about you. We will provide this information within 30 days of your request.
• Right to Rectification. You have the right to correct any inaccurate or incomplete personal data. You can update most information through your account settings.
• Right to Erasure. You have the right to request deletion of your personal data ("right to be forgotten"). We will delete your data within 30 days unless we have a legal obligation to retain it.
• Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can download your documents at any time.
• Right to Restrict Processing. You have the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to Object. You have the right to object to our processing of your personal data for direct marketing purposes or based on legitimate interests.
• Right to Withdraw Consent. Where we process your data based on consent, you have the right to withdraw that consent at any time.

How We Protect Your Data

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.

• Encryption. All data is encrypted in transit (TLS/SSL) and at rest (AES-256).
• Access Controls. Strict authentication and authorization mechanisms ensure only authorized users can access data.
• Regular Audits. We conduct regular security audits and vulnerability assessments.
• Data Minimization. We only collect and process data necessary for providing our service.

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Contractual Necessity: To provide the service you signed up for
• Consent: For marketing communications and optional features
• Legitimate Interests: To improve our service and prevent fraud
• Legal Obligations: To comply with applicable laws and regulations

International Data Transfers

Your data is primarily stored and processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Upon account deletion, we delete all personal data within 30 days.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

• Use your account settings to access, update, or delete your data
• Sign in to contact support
• Submit a formal request through your dashboard support section

We will respond to your request within 30 days. If your request is complex or we receive multiple requests, we may extend this period by two additional months, but we will inform you of any such extension.

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. However, we encourage you to contact us first so we can address your concerns.

Contact Our Data Protection Officer

For questions about GDPR compliance or to exercise your rights, contact our Data Protection Officer through your dashboard:

Sign in to contact Data Protection Officer

Last Updated: January 2, 2025