GDPR Compliance
Last Updated: 2025-04-24
Inliner.AI is committed to compliance with the General Data Protection Regulation (GDPR). This page outlines our approach to GDPR and your rights regarding your personal data.
1. Data Controller
Inliner.AI ([Your Company Name/Legal Entity]) is the data controller for the personal data collected via our website and services.
2. Personal Data We Collect and Process
We collect and process personal data as outlined in our Privacy Policy. This includes information you provide during registration (like name and email), usage data, log data, and information collected via cookies.
The legal bases for processing your data include your consent (e.g., for cookies or marketing communications), the necessity to perform a contract with you (e.g., providing the service you signed up for), and our legitimate interests (e.g., improving our service, preventing fraud).
3. Use of Third-Party Processors
We utilize third-party services that may process your data on our behalf. Key processors include:
- Stripe: For processing payments. Stripe handles your payment card details directly; we do not store your full card information. Their GDPR compliance information can be found on their website.
- Cloudflare: For content delivery (CDN) and storing generated image assets. Cloudflare acts as a processor for the data passing through its network and stored assets. Their GDPR compliance information is available on their website.
- DigitalOcean: For hosting our application infrastructure and databases. Their GDPR compliance information is available on their website.
- Google Analytics: For analyzing website traffic and user behavior to improve our services. We utilize IP anonymization. Google's GDPR compliance information is available on their website.
- [List other key processors like email service provider, etc.]
We ensure that our third-party processors provide sufficient guarantees to implement appropriate technical and organizational measures in compliance with GDPR.
4. Data Subject Rights
Under GDPR, you have several rights regarding your personal data:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can request correction of inaccurate personal data.
- Right to Erasure ('Right to be Forgotten'): You can request the deletion of your personal data under certain conditions.
- Right to Restrict Processing: You can request the restriction of processing your personal data under certain conditions.
- Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object: You can object to the processing of your personal data under certain conditions, particularly for direct marketing.
- Rights related to automated decision making and profiling: We currently do not engage in automated decision-making that produces legal effects concerning you or similarly significantly affects you.
To exercise any of these rights, please contact us using the details provided in our Privacy Policy or at [Your GDPR Contact Email/Method].
5. Data Transfers
Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We take steps, including through the use of Standard Contractual Clauses where applicable, to ensure that your data is treated securely and in accordance with our Privacy Policy and GDPR.
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements.
7. Contact Information
If you have any questions about our GDPR compliance or wish to exercise your rights, please contact our Data Protection Officer (or designated contact) at [Your DPO/Contact Email].