GDPR Compliant

Your Privacy is Our Top Priority

We're committed to protecting your personal data and respecting your privacy rights under GDPR

What Data We Collect

We believe in transparency. Here's exactly what information we collect and why

Account Information

Basic profile data to manage your account

Data collected:

  • Name
  • Email address
  • Password (encrypted)
  • Account creation date
Purpose:Account management and authentication
Retention:Until account deletion

Financial Data

Credit card and debt information you provide

Data collected:

  • Credit card details
  • Balance information
  • Payment history
  • Interest rates
Purpose:Debt tracking and strategy calculation
Retention:5 years after account closure

Usage Analytics

How you interact with our services

Data collected:

  • Feature usage
  • Login times
  • Device information
  • IP addresses
Purpose:Service improvement and security
Retention:2 years

Communication Data

Your interactions with our support team

Data collected:

  • Support tickets
  • Email communications
  • Feedback submissions
Purpose:Customer support and service improvement
Retention:3 years

Your GDPR Rights

You have complete control over your personal data

Right to Access

Request a copy of all personal data we hold about you

Right to Rectification

Correct any inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to certain types of data processing

Right to Restrict Processing

Limit how we use your personal data

How We Protect Your Data

Industry-leading security measures to keep your information safe

Encryption

AES-256 encryption for all data at rest and in transit

Access Controls

Role-based access with multi-factor authentication

Regular Audits

Annual security assessments and penetration testing

Data Minimization

We only collect data necessary for our services

Secure Infrastructure

SOC 2 compliant data centers with 99.9% uptime

Employee Training

Regular privacy and security training for all staff

Data Sharing Policy

We take your privacy seriously

We Never Share With:

  • • Advertising networks
  • • Data brokers
  • • Marketing companies
  • • Credit card companies
  • • Financial institutions

We Only Share When:

  • • Required by law
  • • You explicitly consent
  • • To prevent fraud or abuse
  • • With service providers (under strict NDAs)

Your financial data is yours alone. We're just here to help you manage it.

GDPR Questions

Common questions about your privacy rights

Contact Our Data Protection Officer

Have questions about your privacy rights? We're here to help.

Email

privacy@debtflow.app

Response Time

Within 30 days

Jurisdiction

European Union