GDPR Compliance
LinkGuard.ai ("we," "our," "us") is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). This page explains your rights as a data subject and how we ensure GDPR compliance across all our operations.
1. Data Controller
LinkGuard.ai acts as the data controller for personal data collected through our platform, determining the purposes and means of processing your personal data.
Data Protection Officer: For any data protection inquiries, requests, or complaints, contact our Data Protection team at: dpo@linkguard.ai
2. Your Rights Under GDPR
As a data subject under the General Data Protection Regulation, you have the following rights:
Right to Access (Article 15)
Obtain confirmation of whether we process your personal data and access that data along with information about how it is processed.
Account Settings → Privacy → Export Data
Right to Rectification (Article 16)
Have inaccurate personal data corrected and incomplete data completed without undue delay.
Account Settings → Profile → Edit
Right to Erasure (Article 17)
Request deletion of your personal data when it is no longer necessary, you withdraw consent, or data was unlawfully processed.
Account Settings → Privacy → Delete Account
Right to Restriction (Article 18)
Restrict processing when you contest accuracy, object to processing, or need data for legal claims.
Contact: support@linkguard.ai
Right to Portability (Article 20)
Receive your personal data in a structured, commonly used, machine-readable format (JSON/CSV).
Account Settings → Privacy → Export Data
Right to Object (Article 21)
Object to processing based on legitimate interests, including profiling. We will stop unless we have compelling grounds.
Contact: dpo@linkguard.ai
2.7 Rights Related to Automated Decision-Making (Article 22)
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. LinkGuard.ai does not make such automated decisions affecting your rights.
3. Legal Basis for Processing
We process personal data under the following legal bases as required by Article 6 of the GDPR:
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account creation and management | Contract performance | Art. 6(1)(b) |
| Link monitoring service delivery | Contract performance | Art. 6(1)(b) |
| Service notifications and alerts | Legitimate interest | Art. 6(1)(f) |
| Marketing communications | Consent | Art. 6(1)(a) |
| Analytics and service improvement | Legitimate interest | Art. 6(1)(f) |
| Legal compliance and disputes | Legal obligation | Art. 6(1)(c) |
| Fraud prevention and security | Legitimate interest | Art. 6(1)(f) |
4. Data Processing Agreements
In accordance with Article 28 of the GDPR, we have Data Processing Agreements (DPAs) in place with all sub-processors who handle personal data on our behalf. These agreements ensure:
- Sub-processors only process data on our documented instructions
- Appropriate technical and organizational security measures are implemented
- Sub-processors assist us in fulfilling data subject requests
- Data is deleted or returned upon termination of services
- Sub-processors submit to audits and inspections
5. International Data Transfers
When we transfer personal data outside the European Economic Area (EEA), we ensure adequate protection through one or more of the following mechanisms:
- Standard Contractual Clauses (SCCs) — EU Commission-approved contracts ensuring GDPR-level protection
- Adequacy Decisions — Transfers to countries recognized by the EU as providing adequate data protection
- Binding Corporate Rules — For transfers within corporate groups with approved internal policies
- Supplementary Measures — Additional technical and organizational measures where required
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, in accordance with Article 5(1)(e) of the GDPR:
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account information | Duration of account + 30 days | Service provision |
| Link monitoring data | Duration of account + 90 days | Service history |
| Payment records | 7 years | Legal requirement |
| Support communications | 3 years | Service improvement |
| Security logs | 1 year | Security and fraud prevention |
7. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will comply with Articles 33 and 34 of the GDPR:
- Supervisory Authority Notification — We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach
- Data Subject Communication — We will communicate the breach to affected individuals without undue delay when there is a high risk to rights and freedoms
- Documentation — We maintain records of all breaches, including facts, effects, and remedial actions taken
- Mitigation — We will take immediate steps to contain the breach and mitigate potential adverse effects
8. Contact and Complaints
For any GDPR-related inquiries, to exercise your data subject rights, or to raise concerns about our data processing practices:
- Data Protection Officer: dpo@linkguard.ai
- General Support: support@linkguard.ai
- Response Time: We will respond to your request within 30 days as required by GDPR
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your EU Member State of residence, place of work, or place of the alleged infringement if you believe your data protection rights have been violated.