GDPR Compliance

Last Updated: Last updated on: 15th August 2024.

Introduction

At Appklet, we are committed to protecting the privacy and personal data of our users. Although we do not hold a GDPR certification, we have implemented comprehensive GDPR-compliant practices to ensure that your personal data is handled with the utmost care and in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR and your rights under this regulation.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) regulation that came into effect on May 25, 2018. It governs how organizations collect, process, store, and share personal data of individuals within the EU. The GDPR grants individuals significant rights over their personal data and imposes strict requirements on organizations to ensure the security and privacy of this data.

Our Commitment to GDPR

Appklet takes GDPR compliance seriously, and we have implemented measures to align our data processing activities with GDPR requirements. Our commitment includes:

Data Minimization: We only collect the data that is necessary for providing our services. We do not collect excessive or unnecessary personal information.
Lawful Basis for Processing: We process personal data only when we have a lawful basis to do so, such as when it is necessary for the performance of a contract, with your consent, to comply with a legal obligation, or for legitimate business interests.
Transparency: We are transparent about how we collect, use, and share your data. Our Privacy Policy provides clear information on the types of data we collect, how it is used, and who it is shared with.
Data Security: We have implemented robust security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, access controls, and regular security audits.
Data Subject Rights We respect your rights under the GDPR, including your right to access, correct, delete, or restrict the processing of your personal data. You can also object to the processing of your data or request data portability.

Your Rights Under GDPR

As an individual whose data is processed by Appklet, you have the following rights under the GDPR:

Right to Access You have the right to request access to the personal data we hold about you and to receive information about how it is processed.
Right to Rectification If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.
Right to Erasure ("Right to be Forgotten") You have the right to request that we delete your personal data, subject to certain exceptions (e.g., where the data is needed for legal compliance).
Right to Restrict Processing You can request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to the processing.
Right to Data Portability You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
Right to Object You have the right to object to the processing of your personal data based on legitimate interests, direct marketing, or profiling.
Right to Withdraw Consent If you have provided consent for the processing of your personal data, you have the right to withdraw your consent at any time.

How to Exercise Your Rights

If you wish to exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month, in accordance with GDPR requirements. We may ask you to verify your identity before processing your request.

Data Transfers Outside the EU

As Appklet is hosted on AWS, and we use various third-party services like Stripe and Auth0, your data may be transferred outside the European Economic Area (EEA). When such transfers occur, we ensure that appropriate safeguards are in place, such as the use of Standard Contractual Clauses (SCCs) or reliance on adequacy decisions by the European Commission, to protect your personal data.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, or as required by applicable law. When we no longer need your data, we securely delete or anonymize it.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

Contact Information

If you have any questions about our GDPR compliance or how your data is handled, please contact us:

Appklet

Anupar Palayam Pudur, Periyar Colony Bus Stop, Avinashi Road, Tirupur District
641-652, India

[email protected]