GDPR Compliance
Last Updated: June 5, 2025
GDPR Overview: This section outlines how Arqanex Ltd. complies with the General Data Protection Regulation (GDPR) for EU/EEA users.
1. Data Protection Principles
We adhere to the following principles for processing personal data:
- Lawfulness, fairness, and transparency
- Purpose limitation—data collected for specified purposes only
- Data minimization—only what is necessary for processing
- Accuracy—keeping data up-to-date
- Storage limitation—retaining data only as long as necessary
- Integrity and confidentiality—appropriate security measures
- Accountability—we are responsible for demonstrating compliance
2. Lawful Bases for Processing
We process personal data based on:
- Consent—when you have given clear consent
- Contract—processing necessary for a contract with you
- Legal obligation—complying with laws or regulations
- Legitimate interests—pursuing our legitimate interests balanced against your rights
3. Data Subject Rights
Under GDPR, you have the following rights:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Delete your data ("right to be forgotten")
- Restriction: Limit processing of your data
- Portability: Receive your data in a portable format
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time
4. Data Protection Officer (DPO)
5. International Transfers
When transferring data outside the EEA, we ensure adequate safeguards, such as EU Standard Contractual Clauses or adequacy decisions.
6. Security Measures
We implement appropriate technical and organizational measures to ensure data security and confidentiality.