flinker.affeQ: Follow-up on GDPR Compliance and Data Storage
Thank you for your response. I appreciate your efforts toward GDPR compliance. To further clarify:
1. DPA (Data Processing Agreement):
• Do you currently offer a DPA for customers processing EU user data?
2. AWS Hosting & Data Transfers:
• Is user data stored in an AWS EU region (e.g., Frankfurt)?
• If transferred outside the EU, do you use SCCs (Standard Contractual Clauses) or other safeguards?
3. Data Retention Policy:
• How long is personal data (e.g., email leads) retained after campaign termination?
• Is automatic data deletion available after a set period?
Thank you for clarifying these points.
GauravW_Rhym
Feb 17, 2025A: Hi flinker.affe,
Thanks for following up with these important questions. Here are the clarifications:
DPA (Data Processing Agreement)
At the moment, we do not have a DPA available, but we are actively working towards full GDPR compliance, including necessary agreements.
AWS Hosting & Data Transfers
Our data is stored on AWS, but currently, we do not restrict storage to an EU region like Frankfurt.
If data is transferred outside the EU, we are exploring appropriate safeguards, including SCCs, as part of our compliance roadmap.
Data Retention Policy
User data, such as email leads, is retained as long as the campaign is active.
Users have the ability to delete their campaigns and associated data anytime.
Automatic data deletion after a set period is not yet available but is something we are considering for future updates.
We truly appreciate your patience and support as we work toward enhancing our compliance measures. If you have any further concerns, feel free to reach out via chat on our website at https://rhym.io or email us at contact@rhym.io.