← Back to Home

GDPR Rights & Compliance

Your privacy rights under the General Data Protection Regulation

1. What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection regulation that applies to organizations in the European Union (EU) and European Economic Area (EEA), as well as organizations processing personal data of EU/EEA residents, regardless of where the organization is based.

Cloud Scout complies with GDPR to protect the privacy and rights of all our users in the EU/EEA.

2. Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

2.1 Right to Access (Article 15)

You have the right to request a copy of all personal data we hold about you in a structured, commonly used, and machine-readable format. We will provide this information within 30 days of your request.

How to request: Email privacy@cloudscout.site with "Data Access Request" in the subject line.

2.2 Right to Rectification (Article 16)

You have the right to request that we correct any inaccurate or incomplete personal data. We will update your information and inform any recipients within 30 days.

How to request: Update your information directly in your account settings or contact privacy@cloudscout.site.

2.3 Right to Erasure (Article 17)

You have the right to request that we delete your personal data. We will delete your information within 30 days, except where retention is required by law.

Exceptions: We may retain data when necessary for:

  • Exercising freedom of expression
  • Compliance with legal obligations
  • Performance of public tasks
  • Archiving in the public interest
  • Scientific or historical research

How to request: Email privacy@cloudscout.site with "Erasure Request" in the subject line.

2.4 Right to Restrict Processing (Article 18)

You can request that we limit how we use your personal data while we verify accuracy, assess your other rights, or determine if our legitimate interests override your preferences.

How to request: Email privacy@cloudscout.site with "Restriction Request" in the subject line.

2.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller without hindrance from us.

How to request: Email privacy@cloudscout.site with "Portability Request" in the subject line.

2.6 Right to Object (Article 21)

You have the right to object to our processing of your personal data based on legitimate interests, including for marketing purposes. We will stop processing unless we have compelling legitimate grounds to continue.

How to request: Email privacy@cloudscout.site with "Objection" in the subject line.

2.7 Right to Withdraw Consent

Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. This does not affect the legality of processing before the withdrawal.

How to request: Update your preferences in your account settings or email privacy@cloudscout.site.

2.8 Right Not to Be Subject to Automated Decision Making

You have the right not to be subject to decisions made purely by automated means without human review, which would produce legal or similarly significant effects on you.

Note: Our match scoring algorithm includes human oversight and is not used solely for binding decisions without review.

3. Legal Basis for Processing

We process your personal data based on the following legal bases:

  • Consent: Where you have given explicit consent for specific processing
  • Contract: To provide the Cloud Scout Service under our terms
  • Legal Obligation: To comply with applicable laws and regulations
  • Legitimate Interests: To improve our service, prevent fraud, and ensure security
  • Public Task: Where necessary for official duties

4. Data Processing Agreement

For organizations processing personal data of applicants or other individuals through Cloud Scout, we have a Data Processing Agreement (DPA) in place that governs:

  • Our roles as controller and processor
  • Scope and purpose of data processing
  • Data security measures
  • Sub-processor agreements
  • Individual rights and assistance
  • International data transfers

Please contact legal@cloudscout.site to request a copy of our standard DPA.

5. Data Protection Officer

Cloud Scout has appointed a Data Protection Officer (DPO) to oversee compliance with GDPR. You can contact our DPO at:

Data Protection Officer:

Email: privacy@cloudscout.site

Mailing Address: Cloud Scout Headquarters

6. International Data Transfers

If your data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Your explicit consent

7. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected:

  • Account data: For the duration of your account and 1 year after deletion
  • Applicant data: For 7 years for compliance and audit purposes
  • Communication data: For 2 years for service improvement
  • Cookies: As specified in our Cookie Policy
  • Compliance logs: For 3 years for legal compliance

8. Data Breach Notification

In the event of a personal data breach, we will:

  • Notify affected individuals without undue delay (typically within 72 hours)
  • Provide information about the breach and steps to mitigate risks
  • Notify relevant authorities where required
  • Maintain breach documentation for regulatory purposes

9. Right to Lodge a Complaint

If you believe we have violated your GDPR rights, you have the right to lodge a complaint with your local data protection authority. In the EU, each country has its own Data Protection Authority:

Examples include:

  • Austria: Österreichische Datenschutzbehörde
  • Belgium: Autorité de Protection des Données
  • France: Commission Nationale de l'Informatique et des Libertés (CNIL)
  • Germany: Bundesdatenschutzbeauftragte
  • United Kingdom: Information Commissioner's Office (ICO)

You can find your local authority at: https://edpb.ec.europa.eu/about-edpb/board/members_en

10. Exercising Your Rights

To exercise any of your GDPR rights:

Email: privacy@cloudscout.site

Include in your request:

  • Your full name and email address
  • Type of right you're exercising
  • Specific details about your request
  • Proof of identity (if applicable)

We will respond within 30 days (extendable to 90 days for complex requests).

11. No Fee Policy

You will not be charged a fee for exercising your rights under GDPR unless your request is unfounded, repetitive, or excessive. In such cases, we may charge a reasonable fee or refuse to act on the request.

12. Contact Information

For GDPR-related inquiries:

Email: privacy@cloudscout.site

Subject line: "GDPR Request" followed by your specific request type

Data Protection Officer:

Email: privacy@cloudscout.site

General Support:

Email: support@cloudscout.site

Privacy PolicyTerms of ServiceCookie PolicyCCPA Rights