GDPR Compliance

Information about our compliance with the General Data Protection Regulation (GDPR) and your data protection rights.

Last updated: January 1, 2024

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, in the European Union. It strengthens and unifies data protection for individuals within the EU and addresses the export of personal data outside the EU.

At HAYDEVS, we are committed to protecting your privacy and ensuring compliance with GDPR requirements. This page explains how we handle your personal data in accordance with GDPR.

Your Data Protection Rights

Under GDPR, you have several important rights regarding your personal data:

Right of Access

You have the right to know what personal data we hold about you and how we use it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request a copy of your data in a structured, machine-readable format.

Personal Data We Collect

We collect and process personal data only when necessary and with your consent. The types of data we may collect include:

  • Identity Data: Name, email address, phone number
  • Contact Data: Billing address, delivery address, email address
  • Technical Data: IP address, browser type, operating system
  • Usage Data: Information about how you use our website and services
  • Marketing Data: Your preferences for receiving marketing communications

We do not collect special categories of personal data (such as health information) unless specifically required for our services and with your explicit consent.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent

When you have given clear consent for us to process your data for specific purposes.

Contract Performance

When processing is necessary for the performance of a contract with you.

Legitimate Interests

When we have a legitimate business interest that is not overridden by your rights.

Legal Obligation

When processing is necessary to comply with a legal obligation.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements.

Customer Data

Retained for the duration of our business relationship plus 7 years for legal compliance.

Marketing Data

Retained until you withdraw consent or opt-out of marketing communications.

Website Analytics

Retained for up to 26 months for analytical purposes.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection
  • Incident response procedures
  • Regular backups and disaster recovery plans

International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your data internationally, we ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes and codes of conduct

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us using the information below. We will respond to your request within one month of receipt.

Contact Information

Data Protection Officer: privacy@haydevs.com

General Inquiries: info@haydevs.com

Phone: +1 (555) 123-4567

Address: 123 Tech Street, Silicon Valley, CA 94000

Right to Complain

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with a supervisory authority. In the EU, you can contact the data protection authority in your country of residence.

We encourage you to contact us first so we can try to resolve any concerns directly.

Updates to This Information

We may update this GDPR information from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes and update the "Last updated" date at the top of this page.