GDPR Compliance
Your data protection rights under the General Data Protection Regulation
Our Commitment to GDPR
Upsidia AI is committed to protecting your personal data and respecting your privacy rights under the EU General Data Protection Regulation (GDPR). This page explains how we comply with GDPR and what rights you have regarding your personal data.
Your Data Protection Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You have the right to request copies of your personal data.
Right to Rectification
You have the right to request correction of inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten")
You have the right to request deletion of your personal data under certain conditions.
Right to Data Portability
You have the right to request transfer of your data to another service.
Right to Object
You have the right to object to processing of your personal data.
Right to Restrict Processing
You have the right to request restriction of the processing of your data.
How We Collect & Use Your Data
Data We Collect:
- Account information (email, name)
- Website URLs you analyze
- Performance analysis results
- Payment information (processed securely via Stripe)
- Usage data (features accessed, analysis frequency)
Legal Basis for Processing:
- Contract Performance: To provide services you've subscribed to
- Legitimate Interest: To improve our platform and provide customer support
- Consent: For marketing communications (you can opt out at any time)
- Legal Obligation: To comply with applicable laws and regulations
Data Protection Measures
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Strict role-based access controls for our team
- Data Minimization: We only collect data necessary for our services
- Regular Audits: Quarterly security and compliance audits
- Data Processing Agreements: All third-party processors sign DPAs
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us through our data protection request form. We will process your request and respond within 30 days as required by GDPR.
Data Retention
We retain your personal data only for as long as necessary to provide our services and comply with legal obligations:
- Active accounts: Data retained while your account is active
- Closed accounts: Most data deleted within 90 days of account closure
- Financial records: Retained for 7 years for tax/legal compliance
- Anonymized analytics: May be retained indefinitely for platform improvement
International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with all third-party processors
- Regular compliance reviews and data protection impact assessments
Data Protection Officer
Our Data Protection Officer (DPO) oversees compliance with GDPR and handles data protection inquiries.
Contact our DPO for data protection inquiries:
Contact Data Protection Officer
Response time: Within 30 days as required by GDPR
Complaints & Supervisory Authority
If you believe we have not handled your data properly, you have the right to lodge a complaint with your local supervisory authority. For EU residents, you can find your national data protection authority here.
Updates to This Page
We may update this GDPR compliance page to reflect changes in our practices or legal requirements. Last updated: January 3, 2025.