GDPR Compliance
We are fully compliant with the General Data Protection Regulation (GDPR). We respect your data sovereignty and provide tools to manage it.
1. Controller vs. Processor
AI SDR as Controller
We act as a data controller for your account information (billing, login details) relative to your direct relationship with us.
AI SDR as Processor
We act as a data processor for the leads and prospect data you process using our platform. You retain ownership of this data.
Data Protection Officer
Direct line for compliance.
dpo@ai-sdr.com
2. Lawful Basis
We process your personal data under the following lawful bases:
- Contract: To fulfill our service agreement.
- Consent: For marketing and cookies (revocable).
- Legitimate Interest: To improve security and fraud prevention.
3. International Transfers
Your data may be transferred to and processed in countries outside the EEA, primarily the United States.
Standard Contractual Clauses (SCCs): We utilize SCCs to ensure adequate protection for these transfers.
4. Your Rights
5. Subprocessors
We engage third-party subprocessors to support our Service. We maintain a list of all current subprocessors and have Data Processing Agreements (DPAs) in place with each.
Notification:
We will provide at least 30 days' notice before appointing any new subprocessor, giving you the opportunity to object if you have reasonable grounds.