GDPR Compliance
Last updated: January 14, 2025
Overview
SecureVault is committed to compliance with the General Data Protection Regulation (GDPR). This page outlines your rights as a data subject and how we handle your personal data.
Data Controller
SecureVault, Inc. acts as the Data Controller for the personal data collected through our service.
Contact: Contact Page
Location: Seoul, South Korea
Your Rights Under GDPR
As a data subject, you have the following rights:
Right of Access
You can request a copy of the personal data we hold about you. This can be done through your account settings or by contacting us.
Right to Rectification
You have the right to correct inaccurate personal data. You can update your account information directly through the settings page.
Right to Erasure
You can request deletion of your personal data. Deleting your account will remove all associated data within 30 days.
Right to Restriction
You can request that we restrict the processing of your personal data under certain circumstances.
Right to Data Portability
You can export your data in a machine-readable format. Note that encrypted memos can only be exported in their encrypted form.
Right to Object
You can object to the processing of your personal data for marketing purposes.
Legal Basis for Processing
We process personal data based on the following legal grounds:
- Contract Performance: We process data necessary to provide our service to you
- Legitimate Interest: We process data for security, fraud prevention, and service improvement
- Legal Obligation: We may process data to comply with legal requirements
- Consent: For marketing communications, we rely on your explicit consent
Data We Collect
| Data Type | Purpose | Retention Period |
|---|---|---|
| Email Address | Account identification, communications | Until account deletion |
| Encrypted Memos | Core service functionality | Until user deletion |
| Access Logs | Security, abuse prevention | 90 days |
| IP Address | Security, session management | 30 days |
International Data Transfers
Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
Data Protection Officer
For GDPR-related inquiries, please contact us via the contact page
Supervisory Authority
If you are in the EU and believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority.
Exercising Your Rights
To exercise any of your rights, please visit our contact page
- Use "GDPR Request" as the subject
- Include specific details about your request
We will respond to your request within 30 days.