GDPR Compliance
Your privacy is our priority
Your Rights Under GDPR
As an EU resident, you have specific rights regarding your personal data.
Right to Access
Request a copy of all personal data we hold about you at any time.
Right to Rectification
Request correction of inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data under certain circumstances.
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing of your personal data for certain purposes.
Right to Restrict
Request restriction of processing under certain conditions.
GDPR FAQ
Common questions about our GDPR compliance.
What personal data do you collect?
We collect data necessary to provide our services, including account information (name, email), usage data, and any data you choose to store in our platform. We never sell your data to third parties.
Where is my data stored?
EU customer data is stored in our EU data centers (Ireland). We use AWS infrastructure with appropriate data processing agreements in place.
How long do you retain my data?
We retain your data for as long as your account is active. Upon account deletion, we remove personal data within 30 days, except where required for legal compliance.
Do you use sub-processors?
Yes, we use carefully selected sub-processors for services like hosting, email delivery, and payment processing. All have appropriate DPAs in place. Contact us for a complete list.
How do I exercise my rights?
You can exercise your GDPR rights by contacting our Data Protection team at privacy@custojo.com. We respond to all requests within 30 days as required by law.
Questions about your data?
Our Data Protection team is available to answer any questions about how we handle your personal data.