How RemovAI complies with the General Data Protection Regulation.
The General Data Protection Regulation (GDPR) is a European Union regulation that became effective on May 25, 2018. It establishes a comprehensive framework for the protection of personal data of individuals in the EU and applies to all organizations that process personal data of EU residents, regardless of where the organization is located.
At RemovAI, we are committed to ensuring the protection and privacy of your personal data in compliance with the GDPR. This document outlines our approach to GDPR compliance and your rights under this regulation.
Under the GDPR, RemovAI acts as both a "data controller" and a "data processor" depending on the context:
In both roles, we adhere to the principles of the GDPR and implement appropriate technical and organizational measures to ensure the security and privacy of your data.
RemovAI is committed to processing personal data in accordance with the following GDPR principles:
We process your data lawfully, fairly, and in a transparent manner. Our Privacy Policy clearly outlines how we collect, use, and share your personal data.
We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.
We limit the collection of personal data to what is necessary for the purposes for which it is processed.
We take reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.
We retain personal data only for as long as necessary for the purposes for which it is processed, and in accordance with our retention policies.
We implement appropriate technical and organizational measures to ensure the security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
We take responsibility for complying with the GDPR principles and can demonstrate compliance through our policies, procedures, and documentation.
Under the GDPR, we process your personal data on the following legal bases:
The specific legal basis for each processing activity is outlined in our Privacy Policy.
Under the GDPR, you have several rights regarding your personal data. As a data subject in the EU, you have the right to:
You have the right to obtain confirmation as to whether your personal data is being processed and, if so, access to that personal data along with information about how it is being processed.
You have the right to have inaccurate personal data corrected and incomplete personal data completed.
In certain circumstances, you have the right to have your personal data erased, such as when the data is no longer necessary for the purpose for which it was collected.
In certain circumstances, you have the right to restrict the processing of your personal data, for example, when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
Where we process your data based on your consent, you have the right to withdraw that consent at any time.
You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.
You can exercise your rights by contacting our Data Protection Officer at [email protected] or by using the following methods:
We will respond to your request within one month of receiving it. This period may be extended by up to two additional months if necessary, taking into account the complexity and number of requests.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our compliance with the GDPR. You can contact our DPO with any questions or concerns about our processing of your personal data:
Data Protection Officer
RemovAI, Inc.
123 AI Boulevard
San Francisco, CA 94105
Email: [email protected]
As a global organization, we may transfer your personal data to countries outside the European Economic Area (EEA). When we do so, we ensure that appropriate safeguards are in place to protect your data and to comply with our obligations under the GDPR.
These safeguards include:
For more details on the specific mechanisms used for international transfers, please refer to our Privacy Policy or contact our Data Protection Officer.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
We conduct Data Protection Impact Assessments (DPIAs) for processing operations that are likely to result in a high risk to the rights and freedoms of individuals. This helps us to identify and minimize data protection risks and ensure GDPR compliance.
We maintain records of our processing activities as required by Article 30 of the GDPR. These records include information about the purposes of processing, categories of data subjects and personal data, recipients of personal data, international transfers, retention periods, and security measures.
We provide regular training on data protection and GDPR compliance to our employees and contractors who have access to personal data. This ensures that our staff is aware of their responsibilities and the importance of protecting your data.
At RemovAI, we are committed to protecting your personal data and complying with the GDPR. This document provides an overview of our GDPR compliance approach, but please refer to our Privacy Policy for more detailed information about how we process your personal data.
If you have any questions or concerns about our GDPR compliance or how we handle your personal data, please contact our Data Protection Officer.