Back to Home

GDPR Compliance

Effective Date: April 1, 2025

Last Updated: April 1, 2025

Belbotika is committed to protecting your privacy and ensuring that your personal data is handled in accordance with the General Data Protection Regulation (GDPR). This document outlines how we process and protect your data.

This GDPR Compliance document supplements our Privacy Policy and provides specific information about your rights under the GDPR.

1. Data Controller Information

Belbotika acts as a data controller for the personal information we collect from you. As a data controller, we determine the purposes and means of processing your personal data. Our contact details are:

Belbotika Business Tech Platform
Magenta Court
Hamilton, Ontario
Canada
Email: privacy@belbotika.com

2. What Data We Collect

We collect and process the following categories of personal data:

  • Account Information: Name, email address, phone number, company details, billing information
  • User-Generated Content: Content you create, upload, or share through our platform
  • Communication Data: Information from your communications with us
  • Technical Data: IP address, browser type and version, device information, time zone setting, operating system
  • Usage Data: Information about how you use our website and services
  • Marketing Preferences: Your preferences regarding receiving marketing communications

We use cookies and similar technologies to collect information about your browsing activities. For more details, please see our Cookie Policy.

3. Legal Basis for Processing

Under the GDPR, we must have a valid legal basis for processing your personal data. We process your data on the following legal grounds:

  • Consent: When you have given clear consent for us to process your personal data for a specific purpose, such as to send marketing communications
  • Contract Performance: When processing is necessary for the performance of a contract with you (e.g., to provide our services) or to take steps at your request before entering into a contract
  • Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject
  • Legitimate Interests: When processing is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your interests or fundamental rights and freedoms

Our legitimate interests include:

  • Improving and personalizing our services
  • Ensuring the security of our platform
  • Business operations and commercial interests
  • Analytics to better understand user behavior

4. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data
  • Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal data in certain circumstances
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing
  • Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you

To exercise any of these rights, please contact us at privacy@belbotika.com. We will respond to your request within one month. This period may be extended by two further months where necessary, taking into account the complexity and number of requests.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Retention periods vary depending on the type of data:

  • Account information is kept for the duration of your relationship with us and for a reasonable period thereafter
  • User-generated content is retained until you delete it or close your account
  • Communication data is kept for as long as necessary to resolve inquiries or enforce our agreements
  • Technical and usage data may be retained for a shorter period for analytical purposes

When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

6. International Data Transfers

Belbotika may transfer your personal data to countries outside the European Economic Area (EEA). Whenever we transfer your data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:

  • Transferring data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission
  • Using specific contracts approved by the European Commission that give personal data the same protection it has in Europe
  • For transfers to the US, working with providers certified under the EU-US Data Privacy Framework

If you want further information on the specific mechanism used by us when transferring your personal data out of the EEA, please contact us at privacy@belbotika.com.

7. Third-Party Processors

We may share your personal data with trusted third-party service providers who perform services on our behalf. These service providers include:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Email and communication service providers
  • Customer support tools
  • Analytics providers

All third-party processors acting on our behalf only process your data in accordance with our instructions and are subject to appropriate confidentiality and security obligations. We do not sell your personal data to third parties.

8. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication procedures
  • Regular backups of data
  • Staff training on data protection

For more information about our security practices, please see our Security Policy.

9. Data Breach Procedures

In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms.

If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay. This notification will:

  • Describe the nature of the breach
  • Provide the name and contact details of our data protection officer or other contact point
  • Describe the likely consequences of the breach
  • Describe the measures taken or proposed to address the breach

10. Data Protection Officer

While we are not legally required to have a Data Protection Officer, we have appointed a Privacy Team to oversee our data protection strategy and implementation to ensure compliance with GDPR requirements.

You can contact our Privacy Team at privacy@belbotika.com.

11. Complaints

If you have any concerns about how we handle your personal data, please contact us first at privacy@belbotika.com, and we will do our best to resolve your concern.

You also have the right to lodge a complaint with your local data protection authority if you believe that we have not complied with applicable data protection laws. However, we would appreciate the chance to address your concerns before you approach the authority, so please contact us in the first instance.

12. Changes to This GDPR Compliance Document

We may update this GDPR compliance document from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes through the Services or via email.

We encourage you to review this document periodically to stay informed about how we are protecting your personal data.

13. Contact Information

If you have any questions about this GDPR compliance document or our data practices, please contact us at:

Email: privacy@belbotika.com

Address: Magenta Court, Hamilton, Ontario, Canada