GDPR Compliance

EANScan is fully committed to GDPR compliance and protecting your data rights under European regulations.

Data Protection by Design

Privacy and data protection are built into every aspect of our services from the ground up, ensuring your data is always protected.

Security First

Industry-leading encryption, regular audits, and strict access controls ensure your data remains secure at all times.

Full Transparency

Clear documentation about how we collect, process, and protect your data, with no hidden practices.

Your GDPR Rights

Under GDPR, you have comprehensive rights regarding your personal data:

Right to Access (Article 15)
You can request a copy of all personal data we hold about you, including how it's being used and who it's shared with. We'll provide this within 30 days of your request.
Right to Rectification (Article 16)
If any of your personal data is inaccurate or incomplete, you can request corrections. We'll update your information promptly and notify any third parties if necessary.
Right to Erasure (Article 17)
Also known as the "right to be forgotten," you can request deletion of your personal data when it's no longer necessary for the purposes it was collected.
Right to Data Portability (Article 20)
You can request your personal data in a structured, commonly used, and machine-readable format to transfer to another service provider.
Right to Object (Article 21)
You can object to certain types of processing, including direct marketing, profiling, and processing based on legitimate interests.

Legal Basis for Processing

Contract Performance
Processing necessary to deliver our services as outlined in our terms of service
Legitimate Interests
Processing for business purposes that don't override your rights and freedoms
Legal Obligations
Processing required by law, such as tax records and compliance reporting
Consent
Processing based on your explicit consent, which you can withdraw at any time

Data Processing Activities

Categories of Data

  • Identity Data: Name, username, title
  • Contact Data: Email address, telephone numbers, addresses
  • Financial Data: Payment card details, billing information
  • Transaction Data: Details about payments and services purchased
  • Technical Data: IP address, browser type, device information
  • Usage Data: Information about how you use our services
  • Marketing Data: Preferences for receiving marketing communications

Data Retention Periods

  • Account Data: Duration of account plus 90 days
  • Transaction Records: 7 years for tax compliance
  • Marketing Data: Until consent withdrawn
  • Technical Logs: 90 days for security purposes
  • Support Tickets: 2 years from resolution

International Transfers

When we transfer data outside the EEA, we ensure adequate protection through:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Binding corporate rules for intra-group transfers
  • Your explicit consent where required

Data Protection Officer

Our Data Protection Officer oversees all GDPR compliance activities and is your point of contact for any data protection concerns.

Contact Information:

Email: dpo@eanscan.com

Phone: +1 (555) 123-4567 ext. 200

Address: Data Protection Officer
EANScan, Inc.
123 Tech Street, Suite 400
San Francisco, CA 94107
United States

Our Compliance Measures

Technical Measures

  • End-to-end encryption
  • Pseudonymization where possible
  • Regular security testing
  • Access logging and monitoring
  • Data minimization practices

Organizational Measures

  • Regular GDPR training for staff
  • Data protection impact assessments
  • Privacy by design methodology
  • Vendor compliance verification
  • Incident response procedures

How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

  1. Email our DPO at dpo@eanscan.com
  2. Use the data request form in your account settings
  3. Call our privacy hotline at +1 (555) 123-4567
  4. Send a written request to our registered address

We'll respond to your request within 30 days. In complex cases, we may extend this by an additional 60 days, but we'll inform you of any delays and the reasons.

Right to Lodge a Complaint

If you're not satisfied with how we handle your data or respond to your requests, you have the right to lodge a complaint with your local supervisory authority. While we hope to resolve any issues directly, we respect your right to escalate concerns.

For EU residents, you can find your local authority at:European Data Protection Board Members