Archived.ink

GDPR Compliance

Last Updated: May 2, 2025

1. Introduction

At Archived.ink, we are committed to protecting the privacy and rights of our users. This page outlines our compliance with the General Data Protection Regulation (GDPR), which is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

2. Our Role Under GDPR

Under GDPR, Archived.ink acts as both a data controller and a data processor:

  • As a Data Controller: We determine the purposes and means of processing personal data collected during account registration, website visits, and customer interactions.
  • As a Data Processor: We process document data that you upload to our service on your behalf and according to your instructions.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract: Processing necessary for the performance of our contract with you (our Terms of Service).
  • Consent: Processing based on your specific and informed consent, which you can withdraw at any time.
  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving our services, preventing fraud, and ensuring network security.
  • Legal Obligation: Processing necessary to comply with a legal obligation to which we are subject.

4. Your Rights Under GDPR

Under GDPR, you have the following rights:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances.
  • Rights Related to Automated Decision Making: You have the right not to be subject to a decision based solely on automated processing, including profiling.

To exercise any of these rights, please contact our Data Protection Officer at dpo@archived.ink.

5. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data during transit and at rest
  • Regular testing and evaluation of the effectiveness of security measures
  • Procedures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems
  • Procedures to restore access to personal data in a timely manner in the event of a physical or technical incident
  • Staff training on data protection and security

6. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

  • Transfers to countries with an adequacy decision from the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules

7. Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.

If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

8. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation. You can contact our DPO at dpo@archived.ink.

9. Complaints

If you have a concern about our privacy practices, including the way we handle your personal data, you can contact our Data Protection Officer. You also have the right to lodge a complaint with the data protection authority in the EU member state where you reside, work, or where the alleged infringement took place.