GDPR Compliance

Your privacy rights and how we protect your data

Last updated: January 15, 2025

Sillion is committed to protecting your personal data and respecting your privacy rights. This page outlines how we comply with the General Data Protection Regulation (GDPR) and what rights you have regarding your personal information.

Data Processing Activities

Service Delivery

  • • Account management and authentication
  • • Platform functionality and features
  • • Customer support and communications
  • • Service optimization and improvements

Marketing & Analytics

  • • Email newsletters and updates
  • • Usage analytics and insights
  • • Product development research
  • • Performance monitoring

Legal Basis for Processing

Contractual Necessity

Processing required to provide our services and fulfill our contractual obligations

Legitimate Interest

Analytics, security, and service improvements that benefit both parties

Consent

Marketing communications and optional features you've explicitly agreed to

Data Retention

Account DataDuration of service + 30 days
Analytics Data26 months maximum
Marketing DataUntil consent withdrawn
Support Records3 years from last contact

Your Data Rights

Access

Request a copy of your personal data

Rectification

Correct inaccurate or incomplete data

Erasure

Request deletion of your personal data

Portability

Receive your data in a structured format

Restriction

Limit how we process your data

Objection

Object to processing based on legitimate interest

Withdraw Consent

Revoke consent for specific processing

Complaint

Lodge a complaint with supervisory authorities

International Data Transfers

We may transfer your data outside the European Economic Area (EEA) to provide our services. When we do, we ensure appropriate safeguards are in place:

  • • Adequacy decisions by the European Commission
  • • Standard Contractual Clauses (SCCs) approved by the EU
  • • Binding Corporate Rules for intra-group transfers
  • • Certification schemes and codes of conduct

Contact & Requests

Data Protection Inquiries

For any questions about your data or to exercise your rights:

privacy@sillion.app

Response Time

We aim to respond to all data protection requests within 30 days. Complex requests may require additional time, and we'll keep you informed of our progress.

Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

Technical Safeguards

  • • End-to-end encryption
  • • Secure data transmission
  • • Regular security audits

Access Controls

  • • Role-based permissions
  • • Multi-factor authentication
  • • Regular access reviews

Organizational

  • • Staff training programs
  • • Data breach procedures
  • • Privacy by design