Data Protection
Last updated: April 21, 2025
1. GDPR Compliance
We process personal data in accordance with:
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Other applicable data protection laws
As a data processor, we ensure:
- Transparent processing of personal data
- Lawful basis for all data processing activities
- Implementation of appropriate security measures
2. Data Processing Principles
We adhere to these core principles:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Accuracy and currency
- Storage limitation
- Integrity and confidentiality
- Accountability
3. Technical Security Measures
Our infrastructure includes:
- End-to-end encryption for data transmission
- Regular security audits and penetration testing
- Access control and authentication systems
- Redundant backup systems
- Disaster recovery procedures
4. International Data Transfers
For international data transfers, we:
- Use EU-approved Standard Contractual Clauses
- Maintain appropriate safeguards
- Monitor compliance with international regulations
- Provide transparency about data storage locations
5. Data Subject Rights
We support your rights to:
- Access your personal data
- Rectify inaccurate data
- Erase personal data ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing