GDPR Compliance

Last Updated: January 2025

1. Introduction

DataHorders is committed to protecting the personal data of our European Union (EU) users in compliance with the General Data Protection Regulation (GDPR).

2. Data Controller Information

DataHorders acts as both a data controller and processor for the personal data we collect. You can contact our Data Protection Officer at:

Email: dpo@datahorders.org

3. Legal Basis for Processing

We process personal data under the following legal bases:

  • Contract fulfillment (service provision)
  • Legal obligations
  • Legitimate interests
  • User consent

4. Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

5. Data Processing Activities

5.1 Types of Data Processed

  • Account information
  • Service usage data
  • Technical data (IP addresses, logs)
  • Payment information

5.2 Processing Purposes

  • Service provision and maintenance
  • Account management
  • Security and fraud prevention
  • Legal compliance

6. International Data Transfers

When we transfer data outside the EU/EEA, we ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Appropriate security measures

7. Data Retention

We retain personal data only for as long as necessary to:

  • Provide our services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

8. Data Security

We implement appropriate technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection

9. Data Breach Notification

In the event of a data breach that risks your rights and freedoms, we will:

  • Notify supervisory authorities within 72 hours
  • Inform affected users without undue delay
  • Document all breaches and remedial actions

10. Contact and Complaints

To exercise your GDPR rights or file a complaint:

Email: dpo@datahorders.org

You also have the right to lodge a complaint with your local data protection authority.