GDPR Compliance

How We Comply with GDPR

Lawful Basis for Processing

We process personal data based on one of the following lawful bases:

• Contract: Processing necessary to fulfill our service agreement
• Consent: Where you have given explicit consent
• Legitimate Interest: For business operations that don't override your rights
• Legal Obligation: Where required by law

Data We Collect

• Account information (name, email, company)
• Usage data (how you interact with our service)
• Technical data (IP address, browser type)
• Domain data you choose to track

Data Retention

We retain your personal data only for as long as necessary to provide our services or as required by law. When you delete your account, we remove your personal data within 30 days, except where retention is required for legal purposes.

International Transfers

We use Standard Contractual Clauses (SCCs) approved by the European Commission for any transfers of personal data outside the EEA. Our infrastructure providers are also certified under relevant data protection frameworks.

Sub-processors

We carefully select sub-processors and ensure they provide adequate data protection guarantees. A list of our sub-processors is available upon request.

Data Processing Agreement

For customers who need a Data Processing Agreement (DPA), we provide a comprehensive DPA that covers all GDPR requirements. Contact us to request a signed copy.