PicShare

GDPR Compliance

Last updated: December 2024

PicShare is committed to protecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains your rights as an EU resident and how we ensure compliance with European data protection laws.

Your GDPR Rights

Right to Information

We provide clear information about how we collect, use, and process your personal data.

Right of Access

You can request access to all personal data we hold about you at any time.

Right to Rectification

You can correct inaccurate or incomplete personal data in your account.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Portability

You can export your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or direct marketing.

Legal Basis for Processing

Consent

  • Marketing communications and newsletters
  • Optional cookies and tracking
  • Beta features and product testing

Contract Performance

  • Account creation and management
  • File sharing and storage services
  • Payment processing and billing

Legitimate Interest

  • Security and fraud prevention
  • Service improvement and analytics
  • Customer support and communication

Data Protection Measures

  • Privacy by design and by default principles
  • Regular data protection impact assessments
  • Staff training on GDPR compliance
  • Secure data processing agreements with vendors
  • Incident response and breach notification procedures
  • Regular security audits and penetration testing

Data Transfers

When transferring your data outside the EU, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules for internal transfers
  • Certification schemes and approved codes of conduct

Exercising Your Rights

How to Contact Us

To exercise your GDPR rights or ask questions about data protection:

  • Email: gdpr@picshare.com
  • Data Protection Officer: dpo@picshare.com
  • Address: 123 GDPR Street, Privacy City, PC 12345
  • Response Time: Within 30 days of your request

Complaints and Supervisory Authority

If you're not satisfied with how we handle your personal data, you have the right to lodge a complaint with your local supervisory authority:

  • Contact your national data protection authority
  • File a complaint online through their official website
  • You can also contact us first to resolve issues directly

Data Retention

Retention Periods

  • Account Data: Until account deletion + 30 days
  • File Content: Per your retention settings
  • Usage Logs: Maximum 2 years
  • Support Tickets: 3 years after resolution
  • Payment Records: 7 years (legal requirement)