GDPR
GDPR Compliance
Last updated: March 14, 2024
1. Introduction
This document outlines how PBLinks complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA).
2. Data Controller
PBLinks acts as the data controller for personal information collected through our services.
3. Legal Basis for Processing
We process personal data under these legal bases:
- Contract fulfillment
- Legal obligations
- Legitimate interests
- User consent
4. Your GDPR Rights
4.1 Access Rights
- Request copies of your personal data
- Know how we use your data
- Know data retention periods
4.2 Rectification Rights
- Correct inaccurate information
- Complete incomplete information
4.3 Erasure Rights
- Request data deletion
- Remove consent for processing
- Object to processing
4.4 Portability Rights
- Receive your data in structured format
- Transfer data to another controller
4.5 Objection Rights
- Object to direct marketing
- Object to processing based on legitimate interests
5. Data Protection Measures
5.1 Technical Measures
- Encryption at rest and in transit
- Access controls
- Regular security audits
- Secure backups
5.2 Organizational Measures
- Staff training
- Data protection policies
- Access limitation
- Regular compliance reviews
6. International Transfers
6.1 Data Transfer Mechanisms
- Standard Contractual Clauses
- Adequacy decisions
- Appropriate safeguards
7. Data Breach Notification
We will notify:
- Supervisory authorities within 72 hours
- Affected users without undue delay
- Provide recommended actions
8. Data Protection Officer
- GDPR inquiries
- Rights exercises
- Complaints
9. Supervisory Authority
You have the right to lodge complaints with your local supervisory authority.
10. Changes to This Notice
We will notify users of significant changes to this notice.