GDPR Compliance
1. Introduction
DataScrap Studio complies with the General Data Protection Regulation (GDPR) for users in the European Union (EU). This policy outlines how our desktop application aligns with GDPR principles and your rights as an EU data subject.
2. Scope
This policy applies to:
- EU residents using DataScrap Studio.
- Non-EU users whose data processing activities fall under GDPR jurisdiction.
3. Data Controller & Processor
- Data Controller: You, the user, control all data extracted and stored locally via the desktop application.
- Our Role: We act as a software provider and do not process, store, or access your personal data.
4. GDPR Principles We Uphold
Lawfulness, Fairness, and Transparency
- Billing Data: We collect minimal personal data (name, email, payment details) solely to fulfill your license purchase. This is processed under contractual necessity (Article 6(1)(b) GDPR).
- Marketing: Optional communications require explicit consent (Article 6(1)(a) GDPR).
Data Minimization
- We collect only essential billing information. No personal data is collected through the desktop application.
Storage Limitation
- Billing records are retained only as required by law (e.g., tax regulations).
- Your Data: Extracted datasets reside on your device; you control retention.
Integrity & Confidentiality
- Encryption: API keys are encrypted locally (AES-256).
- Local Processing: No data is transmitted to our servers.
5. Your GDPR Rights
| Right | How to Exercise |
|---|---|
| Access | Review billing data via your account dashboard or email request. |
| Rectification | Update billing details in your account settings. |
| Erasure | Delete your account (billing data anonymized post-legal retention period). |
| Portability | Export billing data via support@datascrap.studio. |
| Object | Opt out of marketing emails via unsubscribe links. |
Note: Extracted data is stored locally on your device. To delete it, uninstall the app or remove exported files manually.
6. Data Transfers
- No Cross-Border Transfers: All data processing occurs locally on your device.
- Third-Party Services (e.g., BrightData): Governed by their GDPR compliance.
7. Security Measures
- Local Encryption: API keys and credentials are encrypted on your machine.
- Regular Updates: Security patches included in free lifetime updates.
8. Breach Notification
While we do not store your data, in the unlikely event of a breach impacting billing information:
- We will notify affected users within 72 hours of discovery.
9. Contact & Complaints
- Data Protection Inquiries: privacy@datascrap.studio.
- Supervisory Authority: EU users may lodge complaints with their local data protection authority.
10. Policy Updates
Changes will be communicated via email or in-app notifications. Continued use constitutes acceptance.