Data Protection & GDPR
Last updated: January 16, 2026
Your Data Protection Rights
Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have specific rights regarding your personal data. We are committed to respecting and facilitating these rights.
Right of Access
Request a copy of all personal data we hold about you, including account information, purchase history, and communication records.
Right to Data Portability
Receive your personal data in a structured, commonly used, machine-readable format (JSON, CSV, or PDF).
Right to Rectification
Request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements.
Right to Restrict Processing
Request limitation of processing your data in certain circumstances while we verify accuracy or assess objections.
Right to Object
Object to processing of your personal data for direct marketing or based on legitimate interests.
How We Protect Your Data
We implement comprehensive technical and organizational measures to protect your personal data:
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access with strict need-to-know principles
- Secure Infrastructure: Hosted on enterprise-grade cloud infrastructure with regular security audits
- Payment Security: PCI DSS compliant payment processing through Stripe
- Data Minimization: We only collect data necessary for providing our services
- Regular Audits: Periodic security assessments and vulnerability testing
Data Retention
- Account Data: Retained while your account is active, deleted within 30 days of account closure
- Purchase History: 7 years for tax and legal compliance
- Customer Support: 3 years after last interaction
- Marketing Preferences: Until you withdraw consent
- Download Logs: 90 days for security purposes
- Analytics Data: Anonymized after 26 months
Response Timeline
Acknowledgment
We will acknowledge receipt of your request within 72 hours
Identity Verification
We may need to verify your identity to process the request
Processing
Your request will be processed within 30 days (GDPR requirement)
Response
You will receive a detailed response with the requested information or confirmation of action taken
Note: Complex requests may require an extension of up to 60 additional days. We will inform you of any extension within the first 30 days.
Submit a Data Request
Use this form to exercise your GDPR rights. We will respond within 30 days.
Data Protection Officer
For any data protection inquiries, you can contact our Data Protection team:
- Email: privacy@dargslan.com
- Response Time: Within 48 business hours
Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated. In the EU, you can contact your local data protection authority.
Related Policies
- Privacy Policy - How we collect and use your data
- Cookie Policy - How we use cookies
- Terms of Service - Terms of using our service