GDPR Compliance
The Connect is fully compliant with the General Data Protection Regulation (GDPR) and respects your data protection rights.
Your GDPR Rights
- Right to Access: View all data we hold about you
- Right to Rectification: Correct inaccurate information
- Right to Erasure: Request deletion of your data
- Right to Portability: Export your data
- Right to Object: Opt out of processing
- Right to Restrict: Limit data processing
Data Processing
| Data Type | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Account Information | Service provision | Contract performance | Until account deletion |
| Domain Data | Domain verification | Contract performance | Until domain removal |
| Usage Analytics | Service improvement | Legitimate interest | 12 months |
| Payment Data | Billing processing | Contract performance | 7 years (legal requirement) |
Data Protection Measures
- End-to-end encryption for data in transit and at rest
- Regular security audits and penetration testing
- Access controls and employee privacy training
- Data minimization - we only collect what's necessary
- Regular data reviews and automated deletion
Third-Party Processors
We work with GDPR-compliant processors including:
- Stripe: Payment processing (EU data protection standards)
- AWS: Cloud hosting (EU regions, GDPR compliance)
- OpenAI: AI processing (data processing agreements in place)
Exercise Your Rights
Data Protection Officer: dpo@theconnect.com