GDPR Compliance

This page explains how Indie Forge complies with the General Data Protection Regulation (GDPR) and your rights as a data subject.

Last updated: January 15, 2024Contact: privacy@indieforge.com

Quick Navigation

What is GDPRYour RightsData ProcessingData TransfersContact Us
What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations operating within the European Union and those that offer goods or services to EU residents.

GDPR Principles

We follow the core principles of GDPR in our data processing activities:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability
Your Rights Under GDPR

As a data subject, you have several rights under GDPR:

  • Right to be informed about data collection and processing
  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure (right to be forgotten)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision making
Our Data Processing Activities

We process personal data for the following purposes:

  • Providing our platform services
  • User authentication and account management
  • Communication with users
  • Analytics and platform improvement
  • Legal compliance and security

Legal Basis for Processing

We process your data based on the following legal grounds:

  • Consent - for marketing communications and non-essential cookies
  • Contract performance - for providing our services
  • Legitimate interests - for platform improvement and security
  • Legal obligations - for compliance with applicable laws
International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses
  • Binding corporate rules
  • Other appropriate safeguards
Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data - until account deletion or 3 years of inactivity
  • Communication data - for 2 years after last interaction
  • Analytics data - for 26 months
  • Legal compliance data - as required by applicable laws

Contact Our Data Protection Officer

If you have questions about our GDPR compliance or want to exercise your rights, please contact our Data Protection Officer:

dpo@indieforge.comContact Us

123 Game Street, San Francisco, CA 94105, United States

GDPR Compliance | Indie Forge