Yollomi LogoYollomi

GDPR Compliance

Last Updated: 2024-01-01

GDPR Overview

As a data controller, Yollomi is committed to compliance with the General Data Protection Regulation (GDPR). This page outlines how we ensure GDPR compliance and protect your data rights.

Data Controller

The following entity is the data controller for your personal data:

Yollomi Inc.

123 Business Street

Tech City, TC 12345

Email: dpo@Yollomi.com

Lawful Basis for Processing

We process your personal data based on the following lawful bases:

  • Contract Performance: Processing your data to provide the services you requested
  • Legitimate Interests: Improving our services and business operations
  • Consent: Marketing communications based on your explicit consent
  • Legal Obligation: Complying with legal requirements and regulations

Your Data Rights

Under GDPR, you have the following rights:

Right to Access

You have the right to obtain confirmation of whether we process your personal data and to access that data.

Right to Rectification

You have the right to request correction of inaccurate personal data concerning you.

Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data, unless there are legitimate grounds for retention.

Right to Restrict Processing

You have the right to request restriction of processing of your personal data in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data: Retained for the duration of your account
  • Transaction records: Retained for 7 years as required by law
  • Marketing data: Until you unsubscribe
  • Log data: Retained for 90 days for security purposes

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Data encryption (in transit and at rest)
  • Regular security assessments and penetration testing
  • Employee data protection training
  • Access controls and authentication measures
  • Incident response and breach notification procedures

International Data Transfers

If we transfer your personal data outside the European Economic Area, we ensure it is protected through appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

Data Breaches

In the event of a data breach, we will notify the relevant supervisory authority within 72 hours and notify you if the breach poses a high risk to your rights and freedoms.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection strategy and ensure GDPR compliance.

DPO Contact Information

Email: dpo@Yollomi.com

Phone: +1 (555) 123-4567

Complaints

If you have any complaints about how we process your personal data, you have the right to lodge a complaint with a supervisory authority.

How to Exercise Your Rights

To exercise any of your data rights, please contact our Data Protection Officer. We will respond to your request within one month.