GDPR Compliance

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR).

Our Commitment

Sesquatch is committed to GDPR compliance. We have implemented appropriate technical and organizational measures to ensure the protection of personal data processed through our Service.

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure

You have the right to request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You have the right to request restriction of processing of your personal data.

Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format.

Right to Object

You have the right to object to processing of your personal data for certain purposes.

Legal Basis for Processing

We process personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide our services to you
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our services
  • Legal Obligation: Processing necessary to comply with legal requirements
  • Consent: Processing based on your explicit consent, where applicable

Data We Collect

We collect and process the following categories of personal data:

  • Account information (name, email address)
  • Organization information
  • Usage data and analytics
  • Technical data (IP address, browser information)
  • Payment information (processed by Stripe)

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

  • Account data is retained until you delete your account
  • Activity logs are retained for 7 days (Free) or 90 days (Pro)
  • Billing records are retained as required by tax laws

International Data Transfers

Your data may be transferred to and processed in countries outside the EEA. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data processing agreements with all third-party processors
  • Technical measures to protect data during transfer

Sub-Processors

We use the following sub-processors to provide our services:

  • Amazon Web Services (AWS): Cloud infrastructure and hosting (various regions)
  • Stripe: Payment processing (USA)

Exercising Your Rights

To exercise any of your GDPR rights, please:

  • Contact us through our contact page
  • Provide sufficient information to verify your identity
  • Specify which right(s) you wish to exercise

We will respond to your request within 30 days. If we need additional time, we will inform you of the reason and extension period.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection authority. However, we encourage you to contact us first so we can address your concerns.

Data Protection Questions

For GDPR-related inquiries, you can contact our data protection team.

Contact us