General Data Protection Regulation (GDPR) Compliance

Frequently Asked Questions

1. What is GDPR, and why is it important?

The General Data Protection Regulation (GDPR) is a European Union law designed to protect the personal data and privacy of EU residents. It gives individuals more control over their data and sets strict guidelines for organizations that process or store personal data. At Gridlines, we prioritize GDPR compliance to ensure your trust and protect your rights.

2. What data does Gridlines collect about me?

We collect the following types of data to deliver and improve our services:

• Account Information: Name, email address, and password.

• Usage Data: How you interact with our platform (e.g., activity logs, features used).

• Support Data: Information provided during customer support interactions.
  We only collect data necessary for providing and improving our services.

3. How does Gridlines process and use my data?

We use your data to:

• Provide you with the Gridlines platform and its features.

• Respond to support requests.

• Improve the platform through analytics and feedback.

• Communicate updates, new features, and compliance notifications (with your consent).

We do not sell your personal data to third parties.

4. Where is my data stored?

Your data is stored on secure servers located in GDPR-compliant data centers within the EU and/or other regions with adequate data protection standards. We use Google Cloud, a trusted provider, to ensure the highest level of security and compliance.

5. What rights do I have under GDPR?

As an EU resident, you have the following rights regarding your data:

• Access: Request a copy of the data we have about you.

• Correction: Ask us to correct inaccurate or incomplete data.

• Erasure ("Right to be Forgotten"): Request the deletion of your data.

• Portability: Obtain a copy of your data in a portable format.

• Objection: Object to certain data processing activities, such as marketing emails.

To exercise these rights, contact us at privacy@gridlinesapp.com.

6. Does Gridlines use subprocessors?

Yes, we work with carefully selected third-party subprocessors to deliver our services. These subprocessors are GDPR-compliant.

Please see a full list of subprocessors here.

7. How does Gridlines ensure the security of my data?

We implement robust security measures, including:

• Encryption of data in transit and at rest.

• Access controls to limit who can access your data.

• Regular audits and vulnerability assessments.

• Secure data backups to prevent loss.

8. What happens if there is a data breach?

In the unlikely event of a data breach, we will:

• Notify affected users and the relevant authorities within 72 hours, as required by GDPR.

• Provide details about the breach and any data impacted.

• Take immediate steps to contain and resolve the issue.

9. How can I manage my data or withdraw consent?

You can manage your account and data settings through the Gridlines platform. If you wish to withdraw consent or exercise your rights under GDPR, contact us at privacy@gridlinesapp.com.

10. Will this policy be updated?

Yes, we review and update our GDPR compliance practices regularly. Any significant changes will be communicated via email or through the Gridlines platform.