GDPR Compliance

Your data protection rights under the General Data Protection Regulation (GDPR) and how ProtectAI.space ensures compliance.

Last updated: October 13, 2025

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It applies to all organizations that process personal data of individuals in the European Union (EU), regardless of where the organization is located.

At ProtectAI.space, we are committed to protecting your personal data and ensuring full compliance with GDPR requirements. This page outlines your rights under GDPR and how we implement these protections.

Your Rights Under GDPR

Right to Information

You have the right to be informed about how your personal data is collected, used, and processed.

  • Clear and transparent privacy notices
  • Information about data processing purposes
  • Details about data retention periods
  • Information about your rights and how to exercise them

Right of Access

You have the right to access your personal data and receive information about how it's being processed.

  • Request a copy of your personal data
  • Information about processing purposes and legal basis
  • Details about data recipients and retention periods
  • Information about automated decision-making

Right to Rectification

You have the right to have inaccurate or incomplete personal data corrected.

  • Correct inaccurate personal data
  • Complete incomplete personal data
  • Update outdated information
  • Notify third parties of corrections when applicable

Right to Erasure ("Right to be Forgotten")

You have the right to have your personal data deleted in certain circumstances.

  • Data is no longer necessary for the original purpose
  • You withdraw consent and there's no other legal basis
  • Data has been unlawfully processed
  • Erasure is required for compliance with legal obligations

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format.

  • Receive data in a machine-readable format
  • Transfer data to another service provider
  • Direct transmission when technically feasible
  • Applies to data processed by automated means

Right to Restrict Processing

You have the right to limit how your personal data is processed in certain situations.

  • When you contest the accuracy of the data
  • When processing is unlawful but you don't want erasure
  • When we no longer need the data but you need it for legal claims
  • When you object to processing pending verification

Right to Object

You have the right to object to certain types of data processing.

  • Processing based on legitimate interests
  • Direct marketing communications
  • Automated decision-making and profiling
  • Processing for scientific or historical research

How to Exercise Your Rights

You can exercise your GDPR rights by contacting us through any of the following methods:

Contact Information

  • Email: gdpr@protectai.space
  • Subject Line: GDPR Rights Request
  • Response Time: Within 30 days

Required Information

  • Your full name and email address
  • Specific right you wish to exercise
  • Detailed description of your request
  • Proof of identity (if required)

Processing Timeline

  • Acknowledgment: Within 72 hours
  • Identity Verification: 1-3 business days
  • Request Processing: Up to 30 days
  • Complex Requests: Up to 90 days

No Cost

Exercising your GDPR rights is free of charge, except in cases of manifestly unfounded or excessive requests.

Legal Basis for Data Processing

We process your personal data based on the following legal grounds under GDPR:

Consent (Article 6(1)(a))

Marketing communications, optional cookies, newsletter subscriptions

Contract (Article 6(1)(b))

Account management, service delivery, payment processing

Legal Obligation (Article 6(1)(c))

Tax records, financial compliance, law enforcement requests

Legitimate Interest (Article 6(1)(f))

Security monitoring, fraud prevention, service improvement

Vital Interest (Article 6(1)(d))

Emergency situations, safety-critical scenarios

Public Task (Article 6(1)(e))

Regulatory compliance, public safety requirements

Data Protection Officer (DPO)

Our Data Protection Officer oversees GDPR compliance and serves as your point of contact for data protection matters:

Email: dpo@protectai.space

Role: Data Protection Officer

Responsibilities:

  • Monitor GDPR compliance
  • Conduct privacy impact assessments
  • Serve as contact point for supervisory authorities
  • Provide guidance on data protection matters
  • Handle data subject requests and complaints

International Data Transfers

When we transfer your personal data outside the EU/EEA, we ensure appropriate safeguards are in place:

Adequacy Decisions

Transfers to countries with adequate data protection levels as determined by the European Commission

Standard Contractual Clauses (SCCs)

Contractual safeguards approved by the European Commission for data transfers

Binding Corporate Rules

Internal data protection policies for multinational organizations

Certification Schemes

Industry-recognized data protection certifications and codes of conduct

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority:

EU Supervisory Authorities

You can contact the data protection authority in your EU member state. Find your local authority at: edpb.europa.eu

Before Filing a Complaint

We encourage you to contact us first so we can try to resolve your concerns directly. Many issues can be resolved quickly through direct communication.

Data Breach Procedures

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

Our Obligations

  • Notify supervisory authorities within 72 hours
  • Notify affected individuals without undue delay
  • Document the breach and our response
  • Take measures to mitigate the breach

Information Provided

  • Nature and scope of the breach
  • Likely consequences of the breach
  • Measures taken to address the breach
  • Steps you can take to protect yourself

Contact Us for GDPR Matters

For any questions about GDPR compliance or to exercise your rights, please contact us:

General GDPR Inquiries

Email: gdpr@protectai.space

Response time: Within 30 days

Data Protection Officer

Email: dpo@protectai.space

For complex data protection matters

Important: When contacting us about GDPR matters, please include "GDPR Request" in your subject line and provide sufficient detail about your inquiry to help us respond effectively.