GDPR Compliance Policy for Scan N Review

Effective Date: 2024-09-13

At Scan N Review, we are committed to protecting the privacy and personal data of our users in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This policy outlines how we collect, use, and protect personal data, as well as your rights regarding the data we hold.

1. Data Controller
ScanNReview is the data controller responsible for your personal data. If you have any questions or concerns about our data practices, you can contact us at:

Scan N Review
Email: support@scannreview.com
Address: 

2. Personal Data We Collect
We collect and process the following types of personal data:

a. Account Information
Name
Email address
Company name (if applicable)
Payment details for billing purposes (via Stripe)
b. Usage Data
IP address
Device information
Browser type
Pages visited on our platform
Time and date of access
c. Feedback Data
Responses and comments left by users in feedback forms
d. Cookies and Tracking
For more information on the cookies we use, refer to our Cookie Policy.

3. Lawful Basis for Processing
We process your personal data under the following lawful bases:

Consent: When you explicitly provide your consent for specific purposes, such as marketing communications.
Contractual necessity: To fulfill our contractual obligations when you use our services.
Legitimate interest: For purposes such as improving our services, security, and fraud prevention.
Legal obligation: To comply with applicable laws and regulations.
4. How We Use Your Data
We use your personal data for the following purposes:

To provide and improve our services
To process payments and manage billing
To authenticate users and secure access to our platform
To respond to inquiries or support requests
To analyze platform usage and performance
To personalize user experiences
To send marketing and promotional materials (with consent)
5. Third-Party Service Providers (Data Processors)
We share your personal data with trusted third-party service providers who assist in processing and storing data. These include:

a. Stripe (Payment Processing)
We use Stripe to process payment transactions. Stripe collects and processes payment information, such as credit card details. For more information, see Stripe's Privacy Policy.

b. Clerk (Authentication)
We use Clerk for user authentication, which involves collecting and processing login credentials, such as email addresses and passwords. For more information, see Clerk's Privacy Policy.

c. MongoDB (Data Storage)
We use MongoDB to securely store user data. MongoDB is GDPR compliant, and we ensure that appropriate security measures are in place. For more information, see MongoDB's Privacy Policy.

6. International Data Transfers
Some of our third-party service providers (such as Stripe, Clerk, and MongoDB) may transfer or store data outside of the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as standard contractual clauses or an adequacy decision by the European Commission, to protect your personal data.

7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or accounting requirements.

8. Your Rights Under GDPR
As a user of ScannReview, you have the following rights regarding your personal data:

Right to Access: Request access to the personal data we hold about you.
Right to Rectification: Correct any inaccurate or incomplete personal data.
Right to Erasure (Right to Be Forgotten): Request the deletion of your personal data under certain circumstances.
Right to Restriction of Processing: Request that we limit the processing of your data in certain situations.
Right to Data Portability: Receive a copy of your personal data in a structured, commonly used, and machine-readable format.
Right to Object: Object to the processing of your personal data based on legitimate interests, direct marketing, or profiling.
Right to Withdraw Consent: If processing is based on consent, you can withdraw it at any time.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure servers, and regular security audits.

10. Data Breach Notification
In the unlikely event of a data breach, we will notify affected individuals and the relevant authorities in accordance with GDPR requirements.

11. Updates to This GDPR Policy
We may update this policy from time to time to reflect changes in our data practices or legal requirements. Any updates will be posted on this page with a revised "Effective Date."

12. Contact Us
If you have any questions or concerns about this GDPR Compliance Policy or your personal data, please contact us at:

ScanNReview
Email: support@scannreview.com
Address: 

Last updated: 2024-09-13