Stackbear Data Processing Policy

Last updated: 11th December 2023

This Data Processing Policy forms part of, and is subject to the provisions of, the Stackbear Terms of Service. Capitalized terms that are not defined in this policy have the meanings given to them in the Terms of Service.

1. Introduction

Stackbear is committed to protecting the privacy of your data. We only process personal data in accordance with this policy and applicable law, including the General Data Protection Regulation (GDPR) and the e-Privacy Directive 2002/58/EC.

2. Definitions

“GDPR” means the EU General Data Protection Regulation 2016/679.

“Security Measures” means the technical and organizational security measures that we implement with respect to the Services as they are described on our website from time to time.

“Sub-Processor” means an entity engaged by Stackbear to process Your Controlled Data.

3. Data Processing

3.1 Subject Matter. The subject matter of the data processing under this Data Processing Policy is Your Controlled Data.

3.2 Duration. As between you and us, the duration of the data processing under this Data Processing Policy is determined by you.

3.3 Purpose. The purpose of the data processing under this Data Processing Policy is the provision of the Services initiated by you from time to time.

4. Rights of Data Subjects

Data subjects have the right to access, rectify, erase, restrict processing, object to processing, and the right to data portability. To exercise these rights, data subjects can contact us at hello @stackbear.com.

5. Lawfulness of Processing

We process personal data based on the legal basis of consent, contract, legal obligation, vital interests, public task, and legitimate interests, as applicable.

6. International Transfers

If data is transferred outside the European Economic Area, we ensure that appropriate safeguards are in place as required by the GDPR.

7. Data Minimization and Retention

We adhere to the principles of data minimization and only retain personal data for as long as necessary for the purposes for which it was collected.

8. Data Subject Access Requests

Data subjects can submit requests about their personal data to hello @stackbear.com. We will respond to such requests in accordance with the timelines set out in the GDPR.

9. Consent Withdrawal

If processing is based on consent, data subjects can withdraw their consent at any time by contacting us at hello @stackbear.com.

10. Automated Decision-Making

If we use automated decision-making processes, including profiling, we will provide information on the significance and consequences of such processing for data subjects.

11. Record Keeping

We maintain records of processing activities as required under Article 30 of the GDPR.

12. Data Protection Impact Assessment (DPIA)

If our processing is likely to result in a high risk to the rights and freedoms of individuals, we will conduct a Data Protection Impact Assessment and take appropriate measures to mitigate those risks.

13. Complaints

Data subjects can lodge a complaint with a supervisory authority if they believe that our processing of their personal data is not in compliance with the GDPR.

14. Changes to this Policy

We reserve the right to amend this Data Processing Policy in part or in full. We will notify you of any changes via our website.