Data Protection & GDPR Rights

Your data rights and how to exercise them

1. Your Rights Under GDPR

As a data subject under the General Data Protection Regulation (GDPR), you have several important rights regarding your personal data processed by Spectin.

Right to Access

You can request a copy of all personal data we hold about you, including how it's being processed.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

Also known as "right to be forgotten" - you can request deletion of your personal data.

Right to Restrict Processing

You can limit how we process your data in certain circumstances.

Right to Data Portability

You can request your data in a machine-readable format to transfer to another service.

Right to Object

You can object to processing based on legitimate interests or for direct marketing.

2. How to Exercise Your Rights

Contact Our Data Protection Officer

To exercise any of your rights, please contact our Data Protection Officer:

Email: dpo@spectin.com

Subject Line: "GDPR Data Subject Request"

Response Time: Within 30 days of receipt

Required Information

When submitting a request, please include:

  • Your full name and email address associated with your Spectin account
  • Specific nature of your request (access, rectification, erasure, etc.)
  • Any relevant details to help us locate your data
  • Proof of identity (to prevent unauthorized access)

3. Data We Process

Account Data

Name, email, password hash, subscription information

Content Data

Uploaded images/videos, inspection reports, project names

Technical Data

IP address, browser information, session data, usage analytics

Communication Data

Support tickets, email communications, feedback

4. Data Processing Lawful Basis

Data Type Legal Basis Purpose
Account Information Contract Service provision
Content Analysis Contract AI inspection services
Usage Analytics Legitimate Interest Service improvement
Marketing Communications Consent Promotional content

5. Data Retention Periods

  • Account Data: Until account deletion or 3 years after last activity
  • Content Files: Until deletion by user or account closure
  • Inspection Reports: Until user deletion or 5 years for business records
  • Technical Logs: 12 months for security and performance monitoring
  • Support Communications: 3 years for quality and legal purposes

6. International Data Transfers

Your data may be processed in countries outside the European Economic Area. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Appropriate technical and organizational measures

7. Complaints and Supervisory Authority

If you're not satisfied with how we handle your request, you have the right to lodge a complaint with the relevant supervisory authority:

8. Updates to Data Processing

We will notify you of any significant changes to how we process your personal data. You will receive notifications via email or through our platform.

Need Help?

Our Data Protection Officer is here to help you understand and exercise your rights.

Contact Data Protection Officer