GDPR Compliance
How MeasureLLM complies with GDPR and protects your data rights
Overview
MeasureLLM is fully compliant with the General Data Protection Regulation (GDPR). We are committed to protecting the privacy and data rights of our users in the European Union and globally.
Your data is protected by design and by default
Full support for all GDPR data subject rights
Clear policies and data processing agreements
GDPR compliance applied to all users worldwide
Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You can request a copy of all personal data we hold about you:
- Go to Settings → Data & Privacy
- Click "Export All Data"
- Receive a downloadable copy within 30 days
Right to Rectification
You can update or correct your personal data at any time:
- Go to Settings → Profile
- Update your information
- Changes take effect immediately
Right to Erasure
You can request deletion of your personal data:
- Go to Settings → Data & Privacy
- Click "Delete Account"
- All data deleted within 30 days
Right to Data Portability
Export your data in a machine-readable format (JSON/CSV) and take it to another service.
Right to Restrict Processing
Contact us to restrict how your data is processed while maintaining your account.
Right to Object
You can object to certain types of data processing, including marketing communications.
📸 Screenshot: Data Privacy Settings
Shows privacy controls and data export options
How We Process Your Data
Legal Basis for Processing
We process personal data based on:
- Contract: To provide the service you signed up for
- Legitimate Interest: To improve our services and prevent fraud
- Consent: For marketing communications and analytics
- Legal Obligation: To comply with applicable laws
Data We Collect
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Account info | Provide service | Contract |
| Keywords | Core functionality | Contract |
| Usage data | Service improvement | Legitimate interest |
| Payment info | Process payments | Contract |
| Marketing prefs | Communications | Consent |
Data Transfers
EU Data Hosting
For EU customers, data can be stored in EU data centers:
- Primary: AWS EU (Frankfurt)
- Backup: AWS EU (Ireland)
International Transfers
When data is transferred outside the EU, we ensure protection through:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions where applicable
- Data Processing Agreements with all processors
Sub-Processors
We use the following sub-processors to provide our service:
| Processor | Purpose | Location |
|---|---|---|
| AWS | Cloud hosting | EU/US |
| Stripe | Payment processing | US |
| SendGrid | Email delivery | US |
| Intercom | Customer support | US |
Data Processing Agreement
If your organization needs a Data Processing Agreement (DPA):
- Contact us at [email protected]
- Request a DPA
- Review and sign electronically
- We countersign and return
Enterprise customers have DPAs included in their contracts.
Cookie Policy
We use cookies for:
- Essential: Required for the service to function
- Functional: Remember your preferences
- Analytics: Understand how you use the service (with consent)
- Marketing: Only with explicit consent
Manage your cookie preferences in Settings → Privacy or through the cookie banner.
Data Breach Notification
In the unlikely event of a data breach:
- We notify affected users within 72 hours
- We report to relevant supervisory authorities
- We provide details of the breach and remediation steps
- We offer support for affected users
Contact Our DPO
For GDPR-related questions or to exercise your rights:
- Email: [email protected]
- Response time: Within 30 days
- Supervisory Authority: You can also contact your local data protection authority
More Information: Read our full Privacy Policy for complete details on how we handle your data.