GDPR Compliance
Your rights and our commitments under the General Data Protection Regulation
Your Rights Under GDPR
As an EU/EEA resident, you have specific rights regarding your personal data. Click on any right below to exercise it.
Right to Access
Request a copy of all personal data we hold about you, including how we process it.
Right to Rectification
Request correction of any inaccurate or incomplete personal information.
Right to Erasure
Request deletion of your personal data (also known as "right to be forgotten").
Right to Data Portability
Receive your personal data in a structured, machine-readable format.
Right to Object
Object to processing of your personal data for certain purposes like marketing.
Right to Restriction
Request restriction of processing your personal data in certain circumstances.
Lawful Bases for Processing
Under GDPR, we must have a lawful basis for processing your personal data. Here are the bases we rely on:
Consent
You have given clear consent for us to process your personal data for specific purposes.
Examples:
- Newsletter subscriptions
- Marketing communications
- Cookie preferences
Contract
Processing is necessary for a contract we have with you.
Examples:
- Account creation and management
- Providing requested services
- Customer support
Legal Obligation
We need to process your data to comply with the law.
Examples:
- Tax records
- Legal disputes
- Regulatory compliance
Legitimate Interests
Processing is necessary for our legitimate interests or those of a third party.
Examples:
- Website security
- Fraud prevention
- Analytics and improvements
How We Protect Your Data
Technical Measures
- Encryption at rest and in transit (TLS 1.3, AES-256)
- Regular security audits and penetration testing
- Access controls and authentication
- Regular backups with secure storage
Organizational Measures
- Staff training on data protection
- Data Protection Officer appointment
- Privacy by design principles
- Incident response procedures
International Data Transfers
Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place:
Standard Contractual Clauses
EU-approved model contracts for data transfers
Adequacy Decisions
Transfers to countries deemed adequate by the EU Commission
Binding Corporate Rules
Internal data protection policies for our service providers
Data Breach Notification
Our Commitment
In the unlikely event of a data breach that poses a risk to your rights and freedoms:
- • We will notify the relevant supervisory authority within 72 hours
- • We will inform affected users without undue delay
- • We will provide clear information about the breach and its potential impact
- • We will advise on steps you can take to protect yourself
Data Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Data | While account is active | Service provision |
| Content (Articles, Comments) | Indefinitely (unless deleted) | Public content |
| Server Logs | 90 days | Security monitoring |
| Analytics Data | 2 years | Service improvement |
| Financial Records | 7 years | Legal requirements |
Contact Our Data Protection Officer
For any questions about GDPR compliance or to exercise your rights, contact our DPO:
Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you believe we're not handling your data properly.
GDPR Compliant
The Qubit Pulse is committed to protecting your privacy and complying with GDPR requirements.