Privacy Policy

1. Introduction

DataReporter ("we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you use the DataReporter platform ("Service"). We comply with the General Data Protection Regulation (GDPR) and applicable EU data protection laws.

2. Data Controller

The data controller responsible for your personal data is DataReporter. You can reach us through our contact form.

3. Data We Collect

We collect the following categories of personal data:

• Account information: name, email address, and password when you register
• Usage data: features used, queries executed, dashboards created, and interaction patterns
• Technical data: browser type, device information, and access logs
• Communication data: messages sent through our contact form or support channels
• Payment data: billing information processed securely through our payment providers

4. How We Use Your Data

We process your personal data for the following purposes:

• Providing and maintaining the Service
• Authenticating your identity and managing your account
• Processing payments and managing subscriptions
• Communicating with you about the Service, updates, and support
• Improving the Service through aggregated analytics
• Complying with legal obligations

5. Legal Basis for Processing

We process your data based on the following legal grounds under GDPR:

• Contract performance: processing necessary to provide the Service you subscribed to
• Legitimate interest: improving our Service, ensuring security, and preventing fraud
• Consent: where you have given explicit consent, such as for marketing communications
• Legal obligation: compliance with applicable laws and regulations

6. Third-Party Services

We may share data with trusted third-party service providers who assist in operating the Service, including:

• Cloud hosting providers for infrastructure
• Payment processors for billing
• Analytics services for usage insights

All third-party providers are contractually bound to process data only as instructed and in compliance with GDPR.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy. Payment records are retained as required by applicable tax and accounting laws.

8. Your Rights (GDPR)

As a data subject under GDPR, you have the right to:

• Access: request a copy of your personal data
• Rectification: correct inaccurate or incomplete data
• Erasure: request deletion of your data ("right to be forgotten")
• Restriction: restrict processing of your data in certain circumstances
• Portability: receive your data in a structured, machine-readable format
• Objection: object to processing based on legitimate interest
• Withdraw consent: withdraw consent at any time where processing is based on consent

To exercise any of these rights, reach out through our contact form. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS) and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication requirements
• Employee training on data protection

10. International Transfers

Your data is primarily processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when the latest changes were made.

12. Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority.

13. Contact

For any questions about this Privacy Policy or your personal data, please use our contact form.