GDPR Compliance

Last Updated: October 2025

At Signifa.online, we value your privacy and are fully committed to complying with the General Data Protection Regulation (GDPR) — the European Union’s data protection law that came into effect on May 25, 2018.

This page explains how we collect, use, protect, and manage your data in compliance with GDPR standards, ensuring transparency and control for all users within the European Economic Area (EEA).

1. Our Commitment to Data Protection

Signifa.online respects your right to privacy.
We believe your data belongs to you — and we handle it responsibly, securely, and transparently.

We ensure that:

  • Personal data is collected only when necessary.
  • Data is stored securely with appropriate encryption and access controls.
  • Information is processed lawfully, fairly, and transparently.
  • You can access, correct, or delete your personal data at any time.

2. Legal Basis for Data Processing

Under the GDPR, Signifa.online processes personal data based on one or more of the following legal grounds:

  1. Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., newsletter subscription).
  2. Contractual necessity: Processing is required to fulfill our obligations or provide requested services.
  3. Legal obligation: We may process data to comply with applicable laws.
  4. Legitimate interest: Processing is necessary for our legitimate business operations, such as website analytics or improving services.

3. Data We Collect

We collect the following types of information:

  • Personal Data: Name, email address, and any information you voluntarily provide (e.g., contact forms).
  • Usage Data: Browser type, IP address, visited pages, time spent on site, and referring URLs.
  • Cookies & Tracking Data: Used to improve user experience and personalize content.

You can manage or disable cookies through your browser settings at any time.

4. How We Use Your Data

We use collected data to:

  • Improve our website and services.
  • Communicate with users who contact us.
  • Send newsletters or updates (only with consent).
  • Maintain website security and prevent misuse.
  • Comply with legal and regulatory obligations.

We do not sell or rent personal data to third parties.

5. Data Retention Policy

We retain your data only as long as necessary for the purposes outlined in this policy or as required by law.
When no longer needed, your data is securely deleted or anonymized.

6. Your GDPR Rights

Under the GDPR, you have the following rights:

  1. Right to Access: Request a copy of your personal data held by us.
  2. Right to Rectification: Correct inaccurate or incomplete data.
  3. Right to Erasure (“Right to be Forgotten”): Request deletion of your data.
  4. Right to Restrict Processing: Limit how we use your data.
  5. Right to Data Portability: Receive your data in a structured, machine-readable format.
  6. Right to Object: Opt out of certain data processing activities.
  7. Right to Withdraw Consent: Revoke consent at any time without affecting prior processing.

To exercise your rights, contact us at:
📧 privacy@signifa.online

We respond to all requests within 30 days in accordance with GDPR requirements.

7. Data Security

We implement technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction.
Our systems use encryption, secure connections (HTTPS), and restricted access to ensure your information stays safe.

8. Third-Party Services

We may use third-party service providers for analytics, advertising, or email communication (e.g., Google Analytics, Mailchimp).
Each provider complies with GDPR regulations and maintains its own privacy policies.

We ensure that all third parties handling EU user data are GDPR-compliant and provide equivalent data protection safeguards.

9. Data Transfers Outside the EEA

As Signifa.online operates globally, data may be transferred and processed in countries outside the EEA, including the USA.
In such cases, we ensure that data transfers are protected through:

  • Standard Contractual Clauses (SCCs), or
  • Other legal mechanisms recognized under the GDPR.

10. Cookies Policy

We use cookies to enhance functionality and improve performance.
You can accept, reject, or customize your cookie preferences at any time.
Please refer to our Cookie Policy for detailed information.

11. Data Breach Procedures

In the unlikely event of a data breach, we will:

  • Notify affected users within 72 hours of discovery.
  • Provide full details on the breach, affected data, and corrective measures.
  • Report the incident to relevant authorities when legally required.

12. Updates to This GDPR Policy

We may update this GDPR Compliance Statement as necessary to reflect changes in regulations, technology, or internal processes.
The latest version will always be available on this page with an updated “Last Updated” date.

13. Contact Our Data Protection Officer (DPO)

For questions, concerns, or GDPR-related requests, please contact:

📧 privacy@signifa.online
🌐 https://signifa.online
📍 Signifa Data Protection Office, San Francisco, CA, USA

Signifa.online — Transparent, Secure, and Fully GDPR-Compliant.