GDPR Compliance

Last updated: 5/30/2025

Introduction

The General Data Protection Regulation (GDPR) is a European Union regulation that governs how we collect, process, and protect your personal data. This page explains how DevKitly complies with GDPR requirements.

Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Information

You have the right to know:

What personal data we collect
Why we collect it
How we use it
Who we share it with
How long we keep it

Right of Access

You can request:

Confirmation that we process your personal data
A copy of your personal data
Information about how we process your data

Right to Rectification

You can:

Correct inaccurate personal data
Complete incomplete personal data
Update outdated information

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data when:

It's no longer necessary for the original purpose
You withdraw consent
You object to processing
Data has been unlawfully processed

Right to Restrict Processing

You can limit how we use your data when:

You contest the accuracy of the data
Processing is unlawful
We no longer need the data but you need it for legal claims
You've objected to processing

Right to Data Portability

You can:

Receive your data in a structured, machine-readable format
Transfer your data to another service provider
Request direct transfer where technically feasible

Right to Object

You can object to:

Processing based on legitimate interests
Direct marketing
Processing for scientific or historical research

Legal Basis for Processing

We process your personal data based on:

Legitimate Interest

Providing and improving our services
Analytics and performance monitoring
Security and fraud prevention

Consent

Newsletter subscriptions
Optional analytics cookies
Marketing communications

Contract Performance

Providing requested services
Customer support
Account management

Data We Collect

Information You Provide

Contact information (name, email)
Feedback and support requests
Newsletter subscriptions

Automatically Collected Data

Usage analytics (anonymized)
Technical information (browser, device)
Performance metrics

Data We Don't Collect

Important: Most of our tools process data entirely in your browser, meaning:

Tool input data never reaches our servers
Processing happens locally on your device
We cannot access your sensitive information

Data Retention

We retain personal data for:

Contact information: Until you request deletion or unsubscribe
Analytics data: 26 months (anonymized)
Support tickets: 3 years for quality assurance
Legal obligations: As required by law

Data Transfers

We may transfer data outside the EU to:

Cloud service providers with adequate protection
Analytics services (Google Analytics)
Support and communication tools

All transfers are protected by appropriate safeguards such as Standard Contractual Clauses.

Security Measures

We protect your data through:

Encryption in transit and at rest
Access controls and authentication
Regular security audits
Employee training and confidentiality agreements

Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at [email protected].

Exercising Your Rights

To exercise your GDPR rights:

Email us at [email protected]
Include your request type and relevant details
Provide identity verification if required
We'll respond within 30 days

Complaints

If you're not satisfied with our response, you can file a complaint with:

Your local data protection authority
The supervisory authority in your EU member state
The Information Commissioner's Office (ICO) if you're in the UK

Contact Information

For GDPR-related questions:

Email: [email protected]
Data Protection Officer: [email protected]
General Contact: [email protected]