GDPR Compliance Statement

Effective Date: Jan 15, 2024

1. Our Commitment to GDPR Compliance

AuthoringDeck is fully committed to protecting the personal data and privacy of individuals in the European Union and European Economic Area. We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, which governs how organizations collect, use, and protect personal data of EU residents.

This statement outlines our practices regarding the collection, processing, and protection of personal data in accordance with GDPR requirements.

2. Data Controller Information

AuthoringDeck, Inc. is the data controller responsible for the personal data we collect and process. Our contact details for data protection matters are:

  • Company: AuthoringDeck
  • Email: dpo@authoringdeck.com
  • Data Protection Officer: Available at the above email address

3. Legal Basis for Processing

Under GDPR, we process personal data based on the following legal grounds:

  • Consent: When you have given us explicit consent to process your data for specific purposes (e.g., marketing communications)
  • Contract: When processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract
  • Legitimate Interests: When processing is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests
  • Legal Obligation: When processing is necessary to comply with legal obligations applicable to us

4. Your Rights Under GDPR

As an EU resident, you have the following rights regarding your personal data:

4.1 Right to Access (Article 15)

You have the right to request confirmation of whether we process your personal data and, if so, to obtain a copy of that data along with information about how it is being processed.

4.2 Right to Rectification (Article 16)

You have the right to request that we correct any inaccurate personal data about you and complete any incomplete data.

4.3 Right to Erasure (“Right to be Forgotten”) (Article 17)

You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent and there is no other legal basis for processing.

4.4 Right to Restrict Processing (Article 18)

You have the right to request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

4.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

4.6 Right to Object (Article 21)

You have the right to object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

4.7 Right to Withdraw Consent (Article 7)

Where we rely on your consent for processing, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. Data Processing Activities

We process personal data for the following purposes:

  • Service Provision: To provide, maintain, and improve our documentation platform services
  • Customer Support: To respond to inquiries and provide technical assistance
  • Communication: To send service updates, security alerts, and administrative messages
  • Marketing: To send promotional materials and product information (with explicit consent)
  • Analytics: To analyze usage patterns and improve our services (anonymized where possible)
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. When personal data is no longer needed, we securely delete or anonymize it. Specific retention periods vary based on the type of data and applicable legal requirements.

7. Data Transfers

AuthoringDeck is based in the United States. When we transfer personal data from the EU to the United States, we do so using appropriate safeguards recognized under GDPR, including Standard Contractual Clauses (SCCs) approved by the European Commission. We ensure that any third parties receiving your data also provide adequate protection consistent with GDPR requirements.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and penetration testing
  • Employee training on data protection
  • Incident response and breach notification procedures

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience and analyze service usage. For EU visitors, we obtain consent before placing non-essential cookies and provide granular control over cookie preferences through our cookie consent banner.

10. Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

11. Exercising Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer at dpo@authoringdeck.com. We will respond to your request within one month of receipt. If your request is complex or you have submitted numerous requests, we may extend this period by two months and will inform you of the extension within one month.

You also have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal data violates GDPR.

12. Changes to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated statement on our website with a revised effective date.

13. Contact Information

For questions about this GDPR Compliance Statement or our data protection practices, please contact:

Data Protection Officer: dpo@authoringdeck.com

General Inquiries: privacy@authoringdeck.com