GDPR Compliance
Last Updated: January 1, 2025
Our Commitment to GDPR Compliance
Euraika BV is committed to full compliance with the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679. As a European-based company building AI compliance solutions, we recognize the importance of protecting personal data and upholding the highest standards of privacy and data security.
Data Controller:
Euraika BV
Kabbeekvest 4
3300 Tienen, Belgium
Email: founders@euraika.net
1. Lawful Basis for Data Processing
We process personal data only when we have a lawful basis under GDPR Article 6:
- Consent (Art. 6(1)(a)): You have given explicit consent for us to process your personal data for specific purposes, such as marketing communications.
- Contractual Necessity (Art. 6(1)(b)): Processing is necessary to perform a contract with you or to take pre-contractual steps at your request.
- Legal Obligation (Art. 6(1)(c)): Processing is necessary to comply with legal obligations, such as tax or regulatory requirements.
- Legitimate Interests (Art. 6(1)(f)): Processing is necessary for our legitimate interests, such as improving our services, provided it does not override your fundamental rights and freedoms.
2. Your GDPR Rights
As a data subject under GDPR, you have the following rights:
- Right to Access (Art. 15): You can request a copy of the personal data we hold about you.
- Right to Rectification (Art. 16): You can request correction of inaccurate or incomplete data.
- Right to Erasure (Art. 17): You can request deletion of your personal data (right to be forgotten), subject to certain exceptions.
- Right to Restriction of Processing (Art. 18): You can request that we limit how we use your data in certain circumstances.
- Right to Data Portability (Art. 20): You can request a copy of your data in a structured, commonly used, and machine-readable format.
- Right to Object (Art. 21): You can object to processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent (Art. 7(3)): You can withdraw your consent at any time where processing is based on consent.
- Right to Lodge a Complaint (Art. 77): You can file a complaint with your national data protection authority if you believe we have violated your rights.
3. Data Protection Principles
We adhere to the core GDPR principles (Art. 5):
- Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently.
- Purpose Limitation: We collect data for specified, explicit, and legitimate purposes only.
- Data Minimization: We collect only the data necessary for our purposes.
- Accuracy: We take reasonable steps to ensure data is accurate and up to date.
- Storage Limitation: We retain data only as long as necessary for the purposes for which it was collected.
- Integrity and Confidentiality: We implement appropriate security measures to protect data from unauthorized access, loss, or damage.
- Accountability: We are responsible for demonstrating compliance with GDPR principles.
4. Data Security Measures
We implement technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication mechanisms
- Employee training on data protection and security
- Incident response and breach notification procedures
5. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. If the breach poses a high risk to you, we will also notify you directly without undue delay (Art. 34).
6. International Data Transfers
Euraika is based in the European Union. If we transfer personal data outside the EU/EEA, we ensure that appropriate safeguards are in place, such as:
- European Commission adequacy decisions (Art. 45)
- Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46)
- Binding Corporate Rules (BCRs) where applicable
7. Data Protection Officer (DPO)
While Euraika BV is not legally required to appoint a Data Protection Officer under GDPR Article 37, we have designated a data protection contact point to oversee GDPR compliance and handle data subject requests.
Data Protection Contact:
Euraika BV
Kabbeekvest 4
3300 Tienen, Belgium
Email: founders@euraika.net
8. Children's Data
Our services are not directed to children under the age of 16. We do not knowingly collect or process personal data from children. If we become aware that we have inadvertently collected data from a child without appropriate parental consent, we will take steps to delete such information promptly.
9. Automated Decision-Making and Profiling
We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals, as defined in GDPR Article 22. If this changes, we will provide clear notice and obtain your consent where required.
10. Exercising Your Rights
To exercise any of your GDPR rights, or if you have questions about our data protection practices, please contact us at:
Email: founders@euraika.net
We will respond to your request within one month, as required by GDPR Article 12. In complex cases, we may extend this period by two additional months, and we will inform you of any such extension.
11. Supervisory Authorities
If you have concerns about our data processing practices or wish to lodge a complaint, you have the right to contact your national data protection authority:
Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données)
Address: Rue de la Presse 35, 1000 Brussels, Belgium
Website: www.dataprotectionauthority.be
Email: contact@apd-gba.be
The Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Address: Graurheindorfer Str. 153, 53117 Bonn, Germany
Website: www.bfdi.bund.de
Email: poststelle@bfdi.bund.de
Note: You may also contact your relevant state (Länder) data protection authority.
11a. Belgian-Specific Provisions
In accordance with the Belgian Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data:
- Processing of personal data must comply with the principles of proportionality and subsidiarity.
- Data subjects have the right to lodge a complaint with the Belgian Data Protection Authority at any time.
- We comply with all Belgian-specific implementations of GDPR requirements.
11b. German-Specific Provisions (BDSG)
In accordance with the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG):
- § 26 BDSG (Employment Data): If we process employee or applicant data of German residents, we comply with the special provisions for processing employee data.
- § 32 BDSG (Credit Scoring): Any credit scoring or automated decision-making affecting German users complies with German requirements for transparency and data quality.
- Right to Information: German users have enhanced rights to information about automated decision-making and the logic involved (BDSG § 37).
12. Updates to This Statement
We may update this GDPR Compliance statement from time to time to reflect changes in our practices or legal obligations. Any updates will be posted on this page with a revised "Last Updated" date.
