GDPR Compliance

`[ effective date: January 1, 2025 ]`

Our Commitment to Data Protection

We are fully committed to complying with the General Data Protection Regulation (GDPR). This means we handle all personal data responsibly, lawfully, and transparently. Our team ensures that every process involving data collection, processing, and storage aligns with GDPR requirements.

We process personal data only when there is a lawful basis to do so, including:

  • Consent from the individual.
  • Performance of a contract.
  • Compliance with legal obligations.
  • Legitimate business interests that do not override personal rights.

Data Collection and Processing

We only collect personal data that is necessary for the services we provide. All data is processed under a lawful basis, such as consent, legitimate interest, or contractual obligation. Before collecting any personal information, we clearly inform you about the purpose and obtain your explicit consent where required.

Under GDPR, you have the right to:

  • Access your personal data.
  • Request correction or deletion.
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent at any time.

Data Access and Control

Under GDPR, you have the right to request access to your personal data, correct inaccuracies, and request deletion. You may also restrict processing or request data portability. We make it simple to exercise these rights — just contact us through our official channels, and we will respond promptly.

Data Transfers and Third Parties

In some cases, we may share your data with trusted third-party partners or service providers who assist in operating our business. All such partners are bound by strict data protection agreements to ensure compliance with GDPR standards. We do not transfer your data outside the European Economic Area unless adequate protection is guaranteed.

Breach Notification

In the unlikely event of a data breach, we will promptly assess the risk and, where necessary, notify the relevant supervisory authority within 72 hours. If the breach poses a high risk to your rights and freedoms, we will also inform you directly. Our internal policies and technical measures are designed to minimize the likelihood of such incidents.