GDPR Compliance
Your data rights under European law
GDPR Compliant
SnapTimers is fully compliant with the General Data Protection Regulation (GDPR). We respect your privacy rights and give you full control over your personal data.
Your Rights
Right to Access
Request a copy of all personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a machine-readable format.
Right to Object
Object to processing of your personal data for certain purposes.
How We Comply
Lawful Basis
We only process data with your consent or when necessary to provide our service.
Data Minimization
We only collect data that is necessary for providing our service.
Secure Storage
Your data is encrypted at rest and in transit using industry-standard protocols.
Timely Response
We respond to all GDPR requests within 30 days as required by law.
Data Processing
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Email address | Account authentication | Contract |
| Timer data | Service delivery | Contract |
| View analytics | Usage statistics | Legitimate interest |
| Payment info | Billing | Contract |
Sub-Processors
We work with the following GDPR-compliant service providers:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database & Authentication | EU (Frankfurt) |
| Stripe | Payment processing | USA (EU SCCs) |
| Cloudflare | CDN & Security | Global (EU SCCs) |
| Vercel | Hosting | USA (EU SCCs) |
| Resend | Email delivery | USA (EU SCCs) |
SCCs = Standard Contractual Clauses for international data transfers
Data Protection Contact
For GDPR-related inquiries or to exercise your rights, contact our Data Protection team: