Skip to content
Dropie.io
GDPR Compliance

GDPR Compliance & Data Protection

Dropie is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other data protection laws.

Our Commitment

We process personal data lawfully, fairly, and transparently. We collect only what's necessary, keep it secure, and respect your rights under GDPR.

Your Rights Under GDPR

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Request corrections to inaccurate personal data

Right to Erasure

Request deletion of your personal data

Right to Data Portability

Receive your data in a portable format

Right to Restrict Processing

Limit how we use your personal data

Right to Object

Object to certain types of data processing

To exercise any of these rights, please contact our Data Protection Officer

Data We Collect & Retention Periods

Account Information

5 years after account closure
Name
Email address
Company details
Billing information

Document Data

90 days after deletion request
Uploaded documents
Extracted data
Processing metadata

Usage Data

2 years
Feature usage
Performance metrics
Error logs

Communication Data

3 years
Support tickets
Email correspondence
Chat logs

Technical & Organizational Measures

We implement comprehensive security measures to protect your personal data

End-to-end encryption for all document transfers
Regular security audits and penetration testing
ISO 27001 certification (in progress)
Data residency options for EU customers
Strict access controls and authentication
Regular employee privacy training
Incident response procedures
Data minimization practices

International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection
  • Your explicit consent where required

Legal Basis for Processing

Contract Performance

We process data necessary to provide our services and fulfill our contractual obligations to you.

Legitimate Interests

We may process data for our legitimate business interests, such as improving our services and preventing fraud.

Legal Obligations

We process data when required by law, such as for tax purposes or regulatory compliance.

Consent

For certain processing activities, we rely on your explicit consent, which you can withdraw at any time.

Questions About Your Data?

Our Data Protection Officer is here to help with any questions about how we handle your personal data or to assist you in exercising your rights.

Email: dpo@dropie.io | Response time: Within 30 days

Right to Lodge a Complaint

If you're not satisfied with how we handle your data, you have the right to lodge a complaint with your local supervisory authority. We'd appreciate the chance to address your concerns first, so please contact us before filing a complaint.