GDPR Compliance

Ecom Corp is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR).

Last updated: December 2024

Our Commitment to Data Protection

We only collect data that is necessary for providing our services
We never sell your personal data to third parties
We use industry-standard encryption to protect your data
We maintain detailed records of all data processing activities
We conduct regular security audits and assessments
We provide clear and transparent privacy notices
We respond to data subject requests within 30 days
We have appointed a Data Protection Officer

Your Rights Under GDPR

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request that we correct any inaccurate or incomplete personal data.

Right to Erasure

You can request that we delete your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, commonly used format.

Right to Object

You can object to certain types of processing, including direct marketing.

How We Process Your Data

We process personal data based on the following legal bases under GDPR:

Contractual Necessity

We process data necessary to fulfill our contractual obligations to you, such as providing our apps and services, processing payments, and delivering customer support.

Legitimate Interests

We may process data based on our legitimate business interests, such as improving our services, preventing fraud, and ensuring security. We always balance these interests against your rights and freedoms.

Consent

Where required, we obtain your explicit consent before processing personal data, such as for marketing communications. You can withdraw consent at any time.

Legal Obligations

We process data when required by law, such as for tax compliance, fraud prevention, or responding to legal requests.

Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequacy decisions
  • Additional technical and organizational measures

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When data is no longer needed, we securely delete or anonymize it.

Exercise Your Rights

To exercise any of your rights under GDPR or if you have questions about our data practices, please contact our Data Protection Officer.

dpo@ecomcorp.com