GDPR Compliance

Your data rights under the General Data Protection Regulation

Overview

The General Data Protection Regulation (GDPR) gives individuals in the European Union specific rights regarding their personal data. BlindsideIQ is committed to respecting and protecting these rights.

This page explains how we comply with GDPR requirements and how you can exercise your data protection rights when using our Customer Relationship Intelligence platform.

Your GDPR Rights

Right to Information

You have the right to know what personal data we collect, how we use it, and who we share it with. This information is detailed in our Privacy Policy.

Right of Access

You can request a copy of all personal data we hold about you. We will provide this within 30 days in a commonly used electronic format.

Right to Rectification

You can ask us to correct any inaccurate or incomplete personal data. You can update most information directly in your account settings.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data when it's no longer necessary for the original purpose, or if you withdraw consent.

Right to Restrict Processing

You can ask us to temporarily stop processing your personal data in certain circumstances, such as when you contest its accuracy.

Right to Data Portability

You can receive your personal data in a structured, commonly used format and transfer it to another service provider.

Right to Object

You can object to processing based on legitimate interests, direct marketing, or for research/statistical purposes.

Rights Related to Automated Decision-making

You have rights regarding automated processing and profiling. Our AI analysis is designed to augment human decision-making, not replace it.

How We Comply with GDPR

Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Contract: To provide our email intelligence services
  • Legitimate Interest: To improve our AI models and platform security
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: To comply with accounting and tax requirements

Data Protection by Design

  • Privacy considerations built into every feature from the ground up
  • Data minimization - we only collect what's necessary for our services
  • Purpose limitation - data is only used for stated purposes
  • Storage limitation - automatic deletion based on retention policies

Data Processing Location

BlindsideIQ operates with a data residency-first approach to eliminate international transfer risks:

  • UK/EU customers: All data processing occurs within the UK and EU/EEA
  • Future US operations: Would use dedicated US-based infrastructure
  • No international transfers: Data never leaves your jurisdiction
  • Regional compliance: Meets local data protection requirements automatically

Data Protection Impact Assessments (DPIAs)

We conduct DPIAs for high-risk processing activities, particularly those involving:

  • AI-powered email content analysis
  • Large-scale personal data processing
  • Integration with Microsoft 365 systems
  • New technologies or processing methods

Exercising Your Rights

To exercise any of your GDPR rights, you can:

Account Settings

Update, export, or delete your data directly from your dashboard

Email Request

Contact our Data Protection Officer at dpo@blindsideiq.com

Support Team

Our support team can help process requests and answer questions

Response Timeframes

  • Standard requests: 30 calendar days
  • Complex requests: Up to 90 days (with explanation)
  • Urgent safety concerns: Within 72 hours

Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected:

Data Type Retention Period Legal Basis
Account information Until account deletion Contract fulfillment
Email analysis data 7 years Business records compliance
Usage logs 90 days Security and troubleshooting
Support communications 3 years Customer service quality
Marketing preferences Until consent withdrawn Consent

Children's Data

BlindsideIQ is designed for business use and is not intended for individuals under 16 years of age. We do not knowingly collect or process personal data from children.

If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such information promptly.

Supervisory Authority

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority.

UK Data Protection Authority

Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

For residents of other EU/EEA countries, you can find your local data protection authority at edpb.europa.eu

Contact Our Data Protection Officer

For any questions about GDPR compliance or to exercise your data rights:

Data Protection Officer

Email: dpo@blindsideiq.com

Subject Line: "GDPR Request - [Your Request Type]"

Response Time: Within 30 days

General Privacy Questions

Email: hello@blindsideiq.com

Address: BlindsideIQ Ltd, London, United Kingdom