Back

GDPR Compliance Statement

Your Privacy Matters to Us

Template SaaS is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). We process your data transparently and securely to provide our SaaS services.

Data Controller Information

Data Controller: Template SaaS

Website: https://aitorvadillo.com

Privacy Contact & Data Protection Officer: Aitor <privacy@email.aitorvadillo.com

Business Registration: [Add your registration number/details]

Our privacy team handles all GDPR requests, data protection inquiries, and DPO responsibilities.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide our SaaS services and features
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: To comply with accounting and tax requirements

Data We Collect

Personal Information

  • Name and contact details
  • Email address
  • Phone number
  • Account information
  • Payment information

Technical Information

  • IP address
  • Browser type and version
  • Device information
  • Usage analytics
  • Cookies and tracking data

Your GDPR Rights

Right to Access (Article 15)

You have the right to obtain confirmation that we are processing your personal data and access to that data.

Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure (Article 17)

You have the right to have your personal data deleted in certain circumstances.

Right to Restrict Processing (Article 18)

You have the right to restrict the processing of your personal data in certain circumstances.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object (Article 21)

You have the right to object to the processing of your personal data for direct marketing purposes.

Data Retention

Data TypeRetention PeriodReason
Account InformationDuration of service + 7 yearsLegal obligations, tax records
Payment Data7 years after transactionFinancial regulations
User ContentDuration of service + 3 yearsContract fulfillment
Marketing DataUntil consent withdrawnMarketing purposes
Analytics Data26 monthsService improvement

Data Transfers

When we transfer your data outside the EU/EEA, we ensure:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (where applicable)
  • Certification schemes and codes of conduct

Security Measures

Technical Safeguards

  • SSL/TLS encryption
  • Database encryption
  • Regular security audits
  • Access controls

Organizational Measures

  • Staff training
  • Data protection policies
  • Incident response procedures
  • Regular compliance reviews

Exercise Your Rights

Last Updated

This GDPR compliance statement was last updated on June 25, 2025.