Legal
GDPR Compliance
We take data protection seriously — not just because GDPR requires it, but because it's the right thing to do. Here's how we protect your data and honor your rights.
Your rights under GDPR
Right to Access
You can view and download all personal data we hold about you directly from your account dashboard. No need to file a request — it's always available.
Right to Rectification
You can update or correct your personal data at any time from your account settings. Changes take effect immediately.
Right to Erasure
You can delete your account and all associated data at any time. We complete deletion within 30 days and confirm via email.
Right to Data Portability
Export all your data in standard formats (CSV, JSON, HTML) directly from your dashboard. This includes contacts, content, emails, invoices, and analytics.
Right to Object
You can opt out of marketing communications at any time. You can also object to processing for analytics purposes from your privacy settings.
Right to Restrict Processing
You can request that we limit how we process your data while you verify its accuracy or while we assess an objection you've raised.
Technical and organizational measures
Sub-processors
These third-party services process data on our behalf. All are bound by Data Processing Agreements.
| Provider | Purpose | Location |
|---|---|---|
| AWS | Cloud infrastructure and hosting | EU (Frankfurt) |
| Stripe | Payment processing | US/EU |
| Postmark | Transactional email delivery | US |
| Cloudflare | CDN and DDoS protection | Global |
Data Protection Officer
For any GDPR-related questions, data subject requests, or to report a concern, contact our Data Protection Officer at dpo@websitebuildergoat.com. We respond to all requests within 30 days as required by GDPR.