GDPR Compliance

Effective Date:
September 1, 2025
Service Provider:
coSociale
Document Version:
1.0

GDPR Compliance

Table of Contents

1. Overview

The General Data Protection Regulation (GDPR) is a European Union regulation that protects the personal data of EU/EEA residents. coSociale is committed to complying with GDPR when processing personal data of individuals located in the EU/EEA.

Key principles:

  • Lawfulness, fairness, and transparency.
  • Purpose limitation: data collected only for specific, legitimate purposes.
  • Data minimization: only the data necessary for the purpose is collected.
  • Accuracy: personal data must be kept accurate and up-to-date.
  • Storage limitation: personal data is retained only as long as necessary.
  • Integrity and confidentiality: personal data must be securely processed.

2. Legal Basis for Processing

coSociale processes personal data based on one or more of the following legal grounds:

  • Consent: When you have explicitly given consent.
  • Contractual necessity: To provide services you requested.
  • Legal obligation: To comply with applicable laws.
  • Legitimate interests: For purposes such as improving services, analytics, and fraud prevention, provided such interests do not override your rights.

3. Rights of EU/EEA Users

EU/EEA residents have the following rights regarding their personal data:

3.1 Right to Access

You can request a copy of the personal data coSociale holds about you, including information about how it is processed.

3.2 Right to Rectification

You may request correction of inaccurate or incomplete personal data.

3.3 Right to Erasure

You can request deletion of your personal data under certain circumstances, such as when the data is no longer necessary or if you withdraw consent.

3.4 Right to Restrict Processing

You may request that we limit how your data is processed in specific situations, such as when the accuracy is contested or processing is unlawful but you oppose erasure.

3.5 Right to Data Portability

You can request your personal data in a structured, commonly used format to transfer it to another service provider.

3.6 Right to Object

You may object to the processing of your personal data for direct marketing, legitimate interests, or research purposes.

3.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which significantly affects you.

4. Data Retention

coSociale retains personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention periods are periodically reviewed to ensure compliance with GDPR.

5. International Transfers

If your personal data is transferred outside the EU/EEA, coSociale ensures adequate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission.
  • Data processing agreements with third-party service providers.
  • Measures to protect your rights and data security in line with GDPR requirements.

6. Contact Information

For GDPR-related inquiries, you can contact our:

You also have the right to lodge a complaint with a relevant EU/EEA data protection authority if you believe your rights have been violated.