We wanted to make sure that you're fully aware of how LinkMatch is compliant with the GDPR law.
Here are some of the actions we’ve taken to ensure we’re compliant:
We have always been taking your data security very seriously. So far the only sensitive data we have been storing is the API access credentials. It is encrypted and is always transmitted only using a Secure HTTP(https) connection.
However, starting from May 25th we are improving even further in terms of security. We are not going to not store any of your access credentials on our side. Which will make a data breach almost impossible even in case our system gets compromised, your data is basically out of the equation as it is only accessed from your computers.
We will only store a non decryptable part of the credentials for authentication purposes and your email and domain(in some cases).
Retention of the logs and usage statistics
To improve and debug the issues with the service, we keep a variety of system logs. We now destroy the logs after 3 months of the collection date. We never use the system logs for anything else than monitoring or debugging.
Usage statistics information will be removed within a month after the user unsubscribes from the service.
The GDPR gives the right to any user to download any data that they provide to a service. You can request all the data related to your account at email@example.com, your request will be processed within 72 hours max.
Third party processors
We make sure to use only GDPR compliant third party services.
Currently, LinkMatch uses 2Checkout to process the payments which is GDPR compliant. Please refer to this article for more information.
Right to “be forgotten”
You can always reach out to us at firstname.lastname@example.org requesting erasure of all of your data. After the necessary authentication procedures all the data, related to your account will be removed. Even if you will not request the erasure, it will be done after a month of unsubscribing from the service.
Data Processing Addendum
LinkMatch could be considered as a data processor, while it is a bit vague in our case because the processing is only done on your side.
Any other questions?
Please feel free to ask any question, we have absolutely nothing to hide, and are committed to be transparent in our data related policies. You can reach out to us at email@example.com.