GDPR Compliance — JaldiDM

JaldiDM is committed to full compliance with the EU General Data Protection Regulation (GDPR) and respects the data rights of all users, especially those in the European Union. This page explains how GDPR protections apply to your data.

GDPR Overview

The General Data Protection Regulation (GDPR) is EU legislation that protects the data rights of individuals within the European Union and European Economic Area. GDPR applies to JaldiDM's processing of personal data of EU residents.

Key Principles: GDPR is built on principles of transparency, fairness, data minimization, purpose limitation, and accountability. JaldiDM adheres to all these principles.

Your Data Rights Under GDPR

As an EU resident, you have the following rights regarding your personal data:

Right to Access: Request a copy of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure (Right to be Forgotten): Request permanent deletion of your data
Right to Restrict Processing: Limit how we process your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to certain processing activities
Right to Withdraw Consent: Withdraw consent at any time without penalty
Right to Lodge a Complaint: File a complaint with your local Data Protection Authority

Data Processing & Lawful Basis

Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

Consent: You explicitly consent to data processing
Contract: Processing is necessary to fulfill our service agreement with you
Legal Obligation: We must process data to comply with laws (e.g., tax, safety)
Legitimate Interests: We process data for legitimate business purposes that don't override your rights

Data Retention & Deletion

We retain personal data only as long as necessary to provide services and meet legal obligations:

Account Data: Retained while account is active; deleted 7–10 days after account closure
Message Data: Retained for 90 days by default; can be deleted sooner upon request
Payment Data: Retained for 7 years for tax and accounting purposes
Backup Data: May persist for up to 30 days after deletion as part of disaster recovery

Data Processing Agreement (DPA)

JaldiDM has entered into Data Processing Agreements (DPA) with relevant third-party data processors (including cloud infrastructure providers). These agreements ensure GDPR compliance throughout the data processing chain.

If you require a copy of our DPA or have questions about data sub-processors, please contact us at info@jaldidm.com

International Data Transfers

JaldiDM operates globally and may transfer data outside the EU/EEA to countries that may not have equivalent data protection laws. When we do:

We use Standard Contractual Clauses (SCC) approved by the European Commission
We implement appropriate supplementary safeguards to protect your data
We ensure transfers are compliant with Schrems II guidelines

Note: By using JaldiDM, you acknowledge and agree to the transfer of your data as described above. If you do not consent to such transfers, you should not use our service.

Exercise Your GDPR Rights

To request access, deletion, or correction of your data, or to file a complaint, contact our Data Protection Officer:

Submit GDPR Request