When you use our services you entrust us with your valuable information. We have made it a priority to protect your data and to give you choices about controlling it. We understand that there are particular concerns from companies in the EU about how we use and protect your data, so we put this page together as a guide to answer some of the most common concerns you may have.
Gayatri Hitech's primary data and servers are hosted at Hetzner's data center (located in Helsinki) . We currently don't have plans to add servers in the EU (GDPR does not require physical servers in the EU).
We provide multiple levels of backups and redundancy to ensure uptime and peace of mind. Data transferred from our customers to our servers is encrypted via SSL that is configured to meet or exceed all industry standards.
Gayatri Hitech collects and retains content and metadata for all emails for 30 days to give customers the ability to access their full message history during that time.
In 2016, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). GDPR is a significant change in data protection regulation in the EU and replaces the existing legal framework (the Data Protection Directive and the various member state laws). It came into effect on May 25, 2018.
GDPR adds some new requirements regarding how companies should protect individuals' data that they process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breaches.
As guidance about specific aspects of GDPR continues to be published, we will also continue our efforts to fine-tune and improve our compliance.
Like the Data Protection Directive that preceded it, GDPR includes provisions on international data transfer mechanisms. In order to comply with these provisions, we have worked with legal counsel to create a standard Data Processing Addendum (DPA), which meets with GDPR requirements for agreements between Data Controllers (you) and Data Processors (us).
No. Under GDPR a company is allowed to transfer personal data outside of the EU provided that it puts in place a mechanism, approved under GDPR, to make sure that personal data is adequately protected even when it is transferred outside of the EU.
As of now, our intention is to service DSR requests (such as delete and export) manually. If you have an account with us, you may access, correct, or request that we delete your personal data by contacting us at email@example.com.
This request can include personal data of other individuals, like your employees or customers that you have provided to us and who have requested this of you. We will respond to these requests within 14 days or less, which is well within the GDPR requirement of 30 days.
We are happy to answer any questions and address any concerns regarding how we protect your personal data in general, as well as specifically under GDPR. If you have any questions, please don't hesitate to contact us at firstname.lastname@example.org.