squadexa.ai Logo
GDPR Compliance

GDPR Policy

Our commitment to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

Last updated: December 4, 2025

1. Introduction

Squadkin Technologies Pvt Ltd is committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This GDPR Policy explains how we collect, process, and protect your personal data in accordance with EU data protection laws.

This policy applies to all personal data processing activities carried out by Squadkin Technologies Pvt Ltd, regardless of whether you are located in the EU or not.

2. Data Controller Information

Squadkin Technologies Pvt Ltd acts as the data controller for the personal data we collect and process. Our contact details are:

Company: Squadkin Technologies Pvt Ltd

Data Protection Officer: support@squadexa.ai

Email: support@squadexa.ai

Address: Squadkin Technologies Pvt Ltd Data Protection Office

Phone: Available upon request

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

Consent (Article 6(1)(a))

We process data when you have given clear consent for specific purposes:

  • Marketing communications and newsletters
  • Analytics and performance tracking
  • Cookie usage and preferences
  • Third-party integrations

Contract Performance (Article 6(1)(b))

We process data necessary to perform our contract with you:

  • Account creation and management
  • Service delivery and support
  • Payment processing and billing
  • API access and usage tracking

Legitimate Interest (Article 6(1)(f))

We process data based on our legitimate business interests:

  • Service improvement and development
  • Security and fraud prevention
  • Business analytics and reporting
  • Legal compliance and enforcement

4. Categories of Personal Data

We collect and process the following categories of personal data:

Identity Data

  • Name and contact information
  • Email address and phone number
  • Account credentials
  • Profile information

Usage Data

  • Service usage patterns
  • API call logs and metrics
  • Feature interactions
  • Performance data

Technical Data

  • IP addresses and device information
  • Browser type and version
  • Operating system details
  • Location data (if permitted)

Content Data

  • Input content for processing
  • Generated outputs and results
  • File uploads and documents
  • Communication records

5. Your Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15)

You can request a copy of all personal data we hold about you, including processing purposes and data sources.

Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (Article 17)

You can request deletion of your personal data in certain circumstances (the "right to be forgotten").

Right to Restrict Processing (Article 18)

You can request limitation of how we process your personal data.

Right to Data Portability (Article 20)

You can request transfer of your data to another service provider in a structured format.

Right to Object (Article 21)

You can object to processing based on legitimate interests or for marketing purposes.

6. Consent Management

We implement a comprehensive consent management system that allows you to:

  • Grant or withdraw consent for specific data processing activities
  • View and manage your consent preferences at any time
  • Receive clear information about what you're consenting to
  • Withdraw consent as easily as you gave it
  • Access a record of your consent history

Consent Categories

Essential Cookies

Required for basic service functionality

Analytics Cookies

Help us understand usage patterns

Marketing Cookies

Used for targeted advertising

Preference Cookies

Remember your settings and choices

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place for such transfers:

  • Standard Contractual Clauses: Approved by the European Commission
  • Adequacy Decisions: Countries with adequate data protection
  • Certification Schemes: Privacy Shield or equivalent frameworks
  • Binding Corporate Rules: Internal data protection policies

We will only transfer your data to third countries with appropriate safeguards and your explicit consent where required.

8. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

Account Data

Retained until account deletion or 3 years of inactivity

Usage Data

Retained for 2 years for analytics and improvement

Content Data

Retained as needed for service provision

Marketing Data

Retained until consent withdrawal

9. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication systems
  • Employee training on data protection
  • Incident response and breach notification procedures
  • Regular backups and disaster recovery plans

10. Data Breach Notification

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected individuals without undue delay
  • Provide clear information about the breach and its consequences
  • Explain measures taken to address the breach
  • Offer guidance on protective steps you can take

11. How to Exercise Your Rights

To exercise any of your data subject rights, please contact us:

Email Contact

Data Protection Officer: support@squadexa.ai

Privacy Team: support@squadexa.ai

Support: support@squadexa.ai

Response Times

Access requests: 30 days

Other requests: 15 days

Complex requests: Up to 60 days

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data in accordance with GDPR. You can contact your local data protection authority or the authority in the country where you believe the violation occurred.

We encourage you to contact us first to resolve any concerns before lodging a complaint with the supervisory authority.

13. Updates to This Policy

We may update this GDPR Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Displaying a notice in our Service
  • Requesting renewed consent where required