EU Data Protection

GDPR Compliance

SlideVault is fully compliant with the General Data Protection Regulation (GDPR). Here's how we protect your rights and your data.

Your Data Rights

Under GDPR, you have the following rights regarding your personal data.

Right to Access

You can request a copy of all personal data we hold about you. We'll provide this within 30 days.

Right to Portability

Export your data in a machine-readable format to transfer to another service.

Right to Erasure

Request deletion of your personal data. We'll remove it within 30 days, subject to legal obligations.

Right to Restrict Processing

Limit how we use your data while we resolve any concerns you may have.

Legal Basis for Processing

Contract Performance

We process your account information, payment details, and usage data as necessary to provide the SlideVault service under our Terms of Service.

Legitimate Interests

We process analytics data to improve our service, detect fraud, and ensure security. We balance these interests against your privacy rights.

Consent

We obtain your consent for marketing communications and optional analytics. You can withdraw consent at any time.

Legal Obligations

We may process data to comply with legal requirements, such as tax regulations and lawful government requests.

Technical & Organizational Measures

We implement appropriate measures to protect your personal data.

Data encrypted in transit (TLS 1.3) and at rest (AES-256)
Regular security assessments and penetration testing
Access controls and employee training
Incident response procedures
Data Processing Agreements with all sub-processors
Privacy by Design principles in product development

Sub-processors

Third parties who process personal data on our behalf.

Amazon Web Services

Cloud hosting and storage

EU (Frankfurt)

Stripe

Payment processing

USA (EU SCCs)

Intercom

Customer support

USA (EU SCCs)

PostHog

Product analytics

EU (Frankfurt)

International Data Transfers

SlideVault primarily stores and processes data within the European Union. When we transfer data outside the EU/EEA, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) - EU-approved contractual terms for international transfers.
  • Adequacy Decisions - Transfers to countries with equivalent data protection (e.g., UK, Switzerland).
  • Supplementary Measures - Additional technical and organizational safeguards.

Data Protection Officer

For any questions about GDPR compliance or to exercise your data rights, contact our Data Protection Officer.

[email protected]
Privacy Policy