GDPR Compliance
Your privacy matters. Learn how SuperGEO complies with the General Data Protection Regulation and safeguards your personal data.
Our Commitment to GDPR Compliance
SuperGEO is fully committed to compliance with the General Data Protection Regulation (GDPR). We understand the importance of protecting your personal data and have implemented comprehensive measures to ensure your privacy rights are respected and upheld.
As a data processor, we handle personal data on behalf of our customers (data controllers). We have established robust policies, procedures, and technical safeguards to ensure that all personal data is processed lawfully, fairly, and transparently.
How We Protect Your Data
We follow GDPR principles in everything we do
Data Protection by Design
We build privacy and data protection into every aspect of our product from the ground up.
Secure Processing
All data is encrypted in transit and at rest using industry-standard encryption protocols.
Transparency
We clearly communicate what data we collect, why we collect it, and how we use it.
User Rights
We respect your rights to access, rectify, erase, and port your personal data.
What Data We Collect
Account Information
When you create a SuperGEO account, we collect your name, email address, and Shopify store information. This data is necessary to provide our service and communicate with you.
Usage Data
We collect information about how you use our service, including redirect rules you create, analytics data, and feature usage. This helps us improve our product and provide better support.
Visitor Location Data
For your store visitors, we process IP addresses to determine geographic location. This data is processed in real-time and is not stored or linked to any individual. We only store aggregated, anonymized statistics.
Technical Data
We collect technical information such as browser type, device information, and operating system to ensure our service works properly across all platforms.
Your GDPR Rights
Under GDPR, you have several important rights regarding your personal data. We make it easy for you to exercise these rights.
Right to Access
You have the right to request a copy of all personal data we hold about you.
Right to Rectification
You can request that we correct any inaccurate or incomplete personal data.
Right to Erasure
You can request that we delete your personal data, subject to certain conditions.
Right to Data Portability
You can request a copy of your data in a machine-readable format to transfer to another service.
Right to Object
You can object to processing of your personal data for direct marketing or other purposes.
Right to Restriction
You can request that we restrict processing of your personal data in certain circumstances.
Data Processing Agreement
We offer a comprehensive Data Processing Agreement (DPA) to all our customers. This agreement outlines our responsibilities as a data processor and ensures compliance with GDPR requirements.
Security Measures
We implement industry-leading security measures to protect your personal data:
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Access Controls
Strict access controls ensure only authorized personnel can access data.
Regular Audits
We conduct regular security audits and penetration testing.
Compliance Monitoring
Continuous monitoring ensures ongoing compliance with GDPR requirements.
Questions About GDPR?
Our Data Protection Officer is here to help with any questions or concerns about your data privacy.