GDPR Compliance
Our commitment to protecting your data under the General Data Protection Regulation
Red Green Solutions LLC, operating MyAdAnalytics, is fully committed to complying with the General Data Protection Regulation (GDPR). This page provides detailed information about how we protect your personal data and ensure your rights under GDPR.
1. Data Controller Information
Company: Red Green Solutions LLC
DBA: MyAdAnalytics
Data Protection Officer: dpo@myadanalytics.com
Contact: privacy@myadanalytics.com
EU Representative: [To be appointed]
2. Your Rights Under GDPR
As an EU/EEA resident, you have the following rights regarding your personal data:
✓ Right to Access (Article 15)
You can request a copy of your personal data we hold, including information about how we process it.
✓ Right to Rectification (Article 16)
You can request correction of any inaccurate or incomplete personal data.
✓ Right to Erasure (Article 17)
Also known as the "right to be forgotten," you can request deletion of your personal data under certain circumstances.
✓ Right to Data Portability (Article 20)
You can request your data in a structured, machine-readable format to transfer to another service.
✓ Right to Restrict Processing (Article 18)
You can request that we limit how we use your personal data in certain situations.
✓ Right to Object (Article 21)
You can object to processing of your personal data for direct marketing or based on legitimate interests.
✓ Right to Withdraw Consent
Where processing is based on consent, you can withdraw it at any time without affecting prior processing.
✓ Right to Lodge a Complaint
You can file a complaint with your local supervisory authority if you believe your rights have been violated.
3. How to Exercise Your Rights
To exercise any of your GDPR rights:
- Email us at privacy@myadanalytics.com
- Include proof of identity (we may request additional information to verify your identity)
- Specify which right(s) you wish to exercise
- Provide any relevant details to help us process your request
We will respond to your request within 30 days, as required by GDPR. Complex requests may require an extension of up to 2 additional months, in which case we will inform you.
4. Legal Basis for Processing
We process your personal data under the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Account creation and management | Contract performance |
| Providing analytics services | Contract performance |
| Billing and payments | Contract performance & Legal obligation |
| Marketing communications | Consent |
| Product improvements | Legitimate interests |
| Security and fraud prevention | Legitimate interests & Legal obligation |
| Compliance with laws | Legal obligation |
5. Data Protection Measures
We implement comprehensive technical and organizational measures to protect your data:
Technical Measures
- End-to-end encryption for data in transit (TLS 1.3)
- Encryption at rest using AES-256
- Regular security audits and penetration testing
- Web Application Firewall (WAF) protection
- DDoS protection and mitigation
- Regular automated backups with encryption
- Multi-factor authentication (MFA) available
Organizational Measures
- Data protection training for all employees
- Access controls and principle of least privilege
- Data Protection Impact Assessments (DPIA)
- Vendor due diligence and data processing agreements
- Incident response procedures
- Regular policy reviews and updates
6. International Data Transfers
When we transfer your data outside the EU/EEA, we ensure appropriate safeguards:
- Standard Contractual Clauses (SCCs): EU Commission-approved contract terms
- Adequacy Decisions: Transfers to countries with adequate protection levels
- Supplementary Measures: Additional technical and organizational safeguards
7. Data Retention Periods
| Data Category | Retention Period | Basis |
|---|---|---|
| Account data | Active account + 30 days | Service provision |
| Analytics data | 24 months | Historical analysis |
| Billing records | 7 years | Legal requirement |
| Support tickets | 3 years | Service improvement |
| Marketing preferences | Until withdrawn | Consent-based |
8. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms:
- We will notify the relevant supervisory authority within 72 hours
- We will notify affected users without undue delay
- We will provide information about the breach and steps to protect yourself
- We will document all breaches and remediation actions
9. Privacy by Design
We implement privacy by design principles in all our operations:
- Proactive not reactive: Preventing privacy issues before they occur
- Privacy as default: Maximum privacy protection without requiring action from you
- Full functionality: Achieving both privacy and functionality
- End-to-end security: Secure data throughout its lifecycle
- Visibility and transparency: Clear communication about data practices
- User-centric: Prioritizing user privacy interests
10. Sub-processors
We use the following sub-processors who may process your data:
| Sub-processor | Service | Location |
|---|---|---|
| Amazon Web Services | Cloud hosting | EU (Frankfurt) |
| Stripe | Payment processing | EU/US |
| SendGrid | Email services | EU/US |
| Google Analytics | Analytics | EU/US |
All sub-processors are bound by data processing agreements ensuring GDPR compliance.
11. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority. Find your local authority:
European Data Protection Board:
Find your national supervisory authority
12. Questions and Contact
For any GDPR-related questions or to exercise your rights:
Data Protection Officer
Email: dpo@myadanalytics.com
Privacy Team
Email: privacy@myadanalytics.com
Response Time: Within 30 days
Languages: English, German, French, Spanish
Our Commitment: We are dedicated to protecting your privacy and ensuring full GDPR compliance. Your trust is our priority.
