GDPR compliance

Last updated Dec 19, 2024

At Springreview, we prioritize the protection of personal data and are committed to ensuring full compliance with the European Union General Data Protection Regulation (GDPR). Our practices are designed to safeguard the data of our users, including both our direct customers and the end users of their platforms.

Data we collect and process

Springreview collects and processes the following types of data:

  • Usage data: Details of accessed Springreview pages, including dates and times.
  • Device information: Device type, browser details, and referral URLs.
  • Personal information: Name and email address (if provided at sign-up).
  • IP address: Collected to combat spam, prevent abuse, personalize services, and generate aggregated, non-identifying usage data.
  • Authentication data: Profile information from third-party providers (e.g., Google, Facebook, or Apple) used for sign-up authentication.
  • User activity: Interactions on Springreview forms, such as submitted feedback, comments, or other actions.

Payment Data: Payments are processed securely through Stripe, and Springreview does not directly store sensitive payment information such as credit card numbers or billing addresses on its servers.

Your Rights Under GDPR

Springreview upholds the following data protection rights as defined by the GDPR:

  • Right to access: Obtain a copy of your personal data.
  • Right to rectification: Request corrections to inaccurate or incomplete data.
  • Right to erasure: Request the deletion of your data (“right to be forgotten”).
  • Right to restrict processing: Limit how your data is processed in certain circumstances.
  • Right to object: Object to specific processing activities, including marketing.
  • Right to data portability: Receive your personal data in a structured, machine-readable format and transfer it to another data controller.

You may exercise these rights by contacting us at hello@springreview.com. We will respond to your request within the statutory timeframe (typically 30 days).

Security Measures

Springreview employs robust security measures to ensure the protection of your data:

  • Encryption: Data is encrypted during transit (using TLS 1.2 or later) and at rest (using AES-256).
  • Secure hosting: Data is hosted on Convex, a secure platform with industry-leading compliance standards.
  • Access controls: Access to customer data is restricted to authorized personnel only.

Data Subprocessors

Springreview uses trusted third-party vendors and hosting partners to provide infrastructure, storage, and related technology necessary to operate our platform. Detailed information about these subprocessors can be found here.

By ensuring transparency, implementing strong security practices, and respecting your rights, Springreview maintains its commitment to GDPR compliance and the trust of its users.

Contact

Questions? Let us know at hello@springreview.com.

Related

Data subprocessors
Explore the third-party subprocessors involved in delivering our services.

Terms of service
Review the terms and conditions governing your use of Springreview.

Privacy policy
Learn how we collect, process, and safeguard your personal information.

See it in action