GDPR

Upzilla.co is committed to protecting the privacy and security of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). This policy outlines how we collect, use, disclose, and protect personal data collected from users within the European Union.

What does it mean that Upzilla is GDPR compliant?

The GDPR governs the handling of personal data within the European Union, encompassing its collection, storage, transfer, and usage. Personal data, as defined by the GDPR, includes any information relating to an identifiable individual.

It's important to note that GDPR applies to all organizations processing personal data of EU citizens, regardless of their location. This regulation empowers individuals with greater control over the use of their data by organizations.

To adhere to GDPR requirements, we have introduced a revised Cookie Policy and updated our Privacy Policy documents, including specific provisions addressing GDPR regulations. These documents have been designed to be more user-friendly and comprehensive in addressing data protection standards mandated by the GDPR. We encourage you to review them.

Signing a Data Processing Agreement (DPA)

In our commitment to assisting our customers in achieving GDPR compliance, our Privacy Policy governs the processing of your personal data when you subscribe to Upzilla's services. This policy provides detailed information about how we handle your personal data.

However, if you reside in the EU or if your local laws require it, you have the option to sign a Data Processing Agreement (DPA) with us. Simply reach out to us, and we will furnish you with a DPA for your review and signature.

Legal Basis for Processing

We process personal data on the following legal bases:

Data Usage

We do not use personal data for any purpose other than those explicitly stated without obtaining consent from the user. Personal data collected is used for the following purposes:

Data Security

We implement appropriate technical and organizational measures to ensure the security of personal data. Access to personal data is restricted to authorized personnel only and is protected through encryption, access controls, and other security protocols. We regularly review and update our security measures to protect against unauthorized access, disclosure, alteration, or destruction of personal data.

Data Transfers

Personal data may be transferred to and stored on servers located outside the EU, including in countries that may not provide the same level of data protection as the EU. We ensure that any such transfers comply with the requirements of the GDPR by implementing appropriate safeguards, such as standard contractual clauses or binding corporate rules.

Data Subject Rights

Users can exercise their rights by contacting us using the contact information provided below. Users within the EU have the following rights regarding their personal data:

Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. We have established retention periods for different types of personal data based on the purposes for which they are processed.

Contact Information

For any inquiries or requests regarding this GDPR policy or the processing of personal data, please contact our Data Protection Officer (DPO) at dataprotection@upzilla.co.

Changes to Policy

We reserve the right to update or modify this GDPR policy at any time. Any changes will be communicated to users through our website or other appropriate channels.