GDPR Compliance
Our commitment to data protection and your privacy rights under the General Data Protection Regulation (GDPR).
At 2Solutions, we are committed to protecting the privacy and security of our customers' and website visitors' personal data. This page outlines our approach to compliance with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018.
Our Commitment to GDPR Compliance
We have implemented appropriate technical and organizational measures to ensure that we and our service providers process personal data in accordance with GDPR requirements. Our compliance measures include:
- Conducting regular data protection impact assessments
- Implementing data protection by design and by default
- Maintaining records of processing activities
- Implementing appropriate security measures
- Ensuring data processing agreements are in place with all third-party processors
- Providing training to our staff on data protection
Your Rights Under GDPR
The GDPR provides you with specific rights regarding your personal data. We are committed to respecting these rights and have implemented processes to help you exercise them.
Right to be Informed
You have the right to be informed about the collection and use of your personal data.
Right of Access
You have the right to access your personal data and supplementary information.
Right to Rectification
You have the right to have inaccurate personal data rectified or completed if it is incomplete.
Right to Erasure
You have the right to request the deletion or removal of your personal data.
Right to Restrict Processing
You have the right to request the restriction or suppression of your personal data.
Right to Data Portability
You have the right to obtain and reuse your personal data across different services.
Right to Object
You have the right to object to the processing of your personal data in certain circumstances.
Rights Related to Automated Decision Making
You have the right not to be subject to a decision based solely on automated processing.
How to Exercise Your Rights
To exercise any of your rights under GDPR, please contact our Data Protection Officer using the contact information at the bottom of this page. We will respond to your request within 30 days of receipt.
For security purposes, we may need to verify your identity before processing your request. We may also ask for additional information to help us locate the personal data you're inquiring about.
Data Processing Activities
The following table outlines our main data processing activities, the types of data involved, and the legal basis for processing:
| Purpose | Data Type | Legal Basis | Retention Period |
|---|---|---|---|
| Account Management | Name, email, contact details | Contractual necessity | As long as account is active + 3 years |
| Service Provision | Account data, usage data, payment information | Contractual necessity | Duration of service + 7 years for tax records |
| Customer Support | Contact information, support tickets, communication history | Legitimate interest | 3 years after last contact |
| Marketing Communications | Name, email, preferences | Consent or legitimate interest | Until consent is withdrawn or 3 years of inactivity |
| Analytics & Improvement | Usage data, device information, cookies | Legitimate interest | 26 months |
| Security & Fraud Prevention | IP addresses, device information, access logs | Legal obligation and legitimate interest | 12 months |
Data Transfers Outside the EEA
As a global company, we may transfer personal data to countries outside the European Economic Area (EEA). When we do, we ensure appropriate safeguards are in place, such as:
- EU-U.S. Privacy Shield Framework (where applicable)
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Binding Corporate Rules (where applicable)
- Other legally accepted transfer mechanisms
Our Data Processors
We use third-party service providers (data processors) to help us provide our services. These providers are carefully selected and are contractually obligated to process personal data only as instructed and in compliance with GDPR requirements.
| Processor | Service | Location | GDPR Information |
|---|---|---|---|
| Amazon Web Services | Cloud Infrastructure | United States, EU (Frankfurt) | View Details |
| Stripe | Payment Processing | United States, EU | View Details |
| Google Cloud | Cloud Services & Analytics | United States, EU | View Details |
| Intercom | Customer Support | United States, EU | View Details |
| Mailchimp | Email Marketing | United States, EU | View Details |
Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee compliance with data protection regulations. You can contact our DPO at:
Data Protection Officer
2Solutions Inc.
123 Business Avenue, Suite 100
San Francisco, CA 94107
United States
Supervisory Authority
If you have concerns about how we process your personal data, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your national Data Protection Authority's contact information at edpb.europa.eu.
Changes to This Notice
We may update this GDPR Compliance Notice from time to time. We will notify you of any significant changes by posting the new notice on our website and updating the "Last updated" date at the top of this page.
Need More Information?
Our privacy team is here to answer any questions you may have about your data protection rights and our GDPR compliance.