GDPR Compliance

Last updated: January 1, 2025

ClipInn is committed to protecting the privacy and rights of individuals in the European Union under the General Data Protection Regulation (GDPR).

Our Role Under GDPR

When you use ClipInn:

  • Your organization is the Data Controller for employee data
  • ClipInn acts as a Data Processor on your behalf

We process personal data only according to your instructions and applicable law.

Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we process your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data
  • Right to Withdraw Consent: Withdraw consent at any time

Lawful Basis for Processing

We process personal data under the following legal bases:

  • Contract: To fulfill our contractual obligations
  • Legitimate Interest: To improve our services
  • Legal Obligation: To comply with applicable laws
  • Consent: Where you have given explicit consent

Data Protection Measures

We implement appropriate technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures

International Data Transfers

When we transfer data outside the EEA, we use appropriate safeguards such as:

  • Standard Contractual Clauses approved by the EU Commission
  • Data Processing Agreements with all sub-processors
  • Adequacy decisions where applicable

Sub-Processors

We use carefully selected sub-processors to provide our services. A list of current sub-processors is available upon request. We notify customers of any changes to sub-processors.

Data Breach Notification

In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

Data Protection Officer

For GDPR-related inquiries, please contact our Data Protection Officer at dpo@clipinn.com.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at privacy@clipinn.com. We will respond within 30 days.