GDPR Compliance
Last updated: January 1, 2025
PromptGear is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This page explains how we handle your personal data and your rights under GDPR.
What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It gives EU citizens greater control over their personal data and establishes strict requirements for organizations that collect and process personal data.
Data Controller
PromptGear acts as the data controller for personal data collected through our platform. This means we determine how and why your personal data is processed.
Legal Basis for Processing
We process your personal data based on the following legal grounds:
Contractual Necessity
Processing necessary to provide our services as outlined in our Terms of Use.
Consent
Processing based on your explicit consent, which you can withdraw at any time.
Legitimate Interest
Processing necessary for our legitimate business interests, such as improving our services and preventing fraud.
Legal Obligation
Processing necessary to comply with legal requirements, such as tax and accounting obligations.
Your Rights Under GDPR
As an EU resident, you have the following rights regarding your personal data:
Right of Access
You have the right to request a copy of all personal data we hold about you. We will provide this information within 30 days of your request.
Right to Rectification
You have the right to request correction of any inaccurate personal data we hold about you. You can update most information directly in your account settings.
Right to Erasure
You have the right to request deletion of your personal data. When you delete your account, we will remove all your data within 30 days.
Right to Data Portability
You have the right to receive your data in a structured, commonly used format. You can download your projects and data at any time.
Right to Restriction
You have the right to request restriction of processing of your personal data in certain circumstances.
Right to Object
You have the right to object to processing of your personal data for direct marketing purposes at any time.
How to Exercise Your Rights
You can exercise your GDPR rights in the following ways:
- 1.Through your account settings - update or delete your personal information
- 2.By contacting us at privacy@promptgear.dev with your request
- 3.Through our support page for any data-related inquiries
We will respond to your request within 30 days. In complex cases, this may be extended by an additional 60 days, but we will inform you of any delay.
Data Retention
We retain your personal data only for as long as necessary to provide our services and fulfill the purposes described in our Privacy Policy. When you delete your account, we will delete your personal data within 30 days, except where we are legally required to retain certain information (such as billing records for tax purposes).
International Data Transfers
Your data is primarily stored within the European Union. When we need to transfer data outside the EU, we ensure appropriate safeguards are in place:
- •Standard Contractual Clauses (SCCs) approved by the European Commission
- •Adequacy decisions by the European Commission for certain countries
- •Binding Corporate Rules where applicable
Data Protection Contact
For any questions or concerns about how we handle your personal data, you can contact us:
You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your personal data in accordance with GDPR.