GDPR Compliance Statement
This GDPR Compliance Statement outlines your data rights, information categories collected, retention periods, and safeguards used for processing under the EU GDPR regulation.
Last updated: January 15, 2025
1. What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that gives you control over your personal data. It applies to all organizations that process personal data of EU residents, regardless of where the organization is located.
At Loodit, we are fully committed to GDPR compliance and have implemented robust measures to protect your personal data and respect your privacy rights.
2. Your Data Protection Rights
If you are a resident of the European Economic Area (EEA) or the UK, you possess specific statutory rights regarding your personal data:
- Right to Access: You have the right to obtain confirmation of whether we process your personal data and access to that data (such as requesting a copy of your personal data).
- Right to Rectification: You have the right to have inaccurate personal data corrected and incomplete data completed.
- Right to Erasure ("Right to be Forgotten"): You have the right to request deletion of your personal data under certain circumstances (such as deleting your account).
- Right to Restrict Processing: You have the right to limit how we process your personal data in certain situations.
- Right to Data Portability: You have the right to receive your personal data in a structured, machine-readable format.
- Right to Object: You have the right to object to processing of your personal data for certain purposes (such as opting out of marketing).
3. Data We Collect & Retention Rules
We process and retain different categories of personal data with designated retention thresholds:
- Identity Data: Includes name, email address, phone number, and date of birth. Used for account management and authentication. Retention Period: 7 years after account closure.
- Usage Data: Includes login times, feature usage, session duration, and device configurations. Used for analytics and service improvements. Retention Period: 2 years.
- Communication Data: Includes support tickets, email correspondence, chat logs, and feedback. Used for support quality and tracking. Retention Period: 3 years.
- Technical Data: Includes IP addresses, browser type, operating system, and device identifiers. Used for security, fraud prevention, and service optimization. Retention Period: 1 year.
4. How We Protect Your Data
Loodit incorporates the following technical and operational measures to guarantee the safety of your information:
- Encryption: All data is encrypted in transit and at rest using industry-standard protocols.
- Secure Infrastructure: We use secure cloud infrastructure with regular security audits and monitoring.
- Access Controls: Strict access controls ensure only authorized personnel can access your data.
- Regular Audits: We conduct regular privacy impact assessments and security audits.
- International Transfers: Any international data transfers use appropriate safeguards, including Standard Contractual Clauses (SCCs).
5. Contact Our Data Protection Officer
If you have any questions about your data protection rights or our GDPR compliance, please contact our Data Protection Officer:
Loodit Data Protection Officer (DPO)
Email: dpo@loodit.com
Website: https://meet.loodit.com
Response Time: Within 30 days
Supervisory Authority: You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your data properly.