A1. Legal Basis for Processing (Article 6 GDPR)
We process personal data under the following legal grounds:
- Contractual Necessity: To provide our services.
- Legitimate Interest: Improving services, fraud detection, analytics.
- Consent: Marketing, cookies, optional features.
- Legal Obligation: Compliance with applicable laws.
A2. Your GDPR Rights
Under GDPR, EU users have the following rights:
- Right of Access You may request a copy of your personal data.
- Right to Rectification You may ask us to correct inaccurate or incomplete information.
- Right to Erasure ("Right to Be Forgotten") You may request deletion of your data, subject to legal retention periods.
- Right to Restrict Processing
- Right to Data Portability Receive your data in a structured, machine-readable format.
- Right to Object You may object to processing based on legitimate interests or marketing.
- Right to Withdraw Consent If processing is based on consent, you may withdraw it anytime.
-
To exercise your rights, email us at: support@erpsoftware.com
A3. Data Processor / Data Controller Relationship
Depending on how you use our services:
- For account and billing data → We act as Data Controller
- For ERP system data you input into our platform → We act as Data Processor, processing data on your behalf under instructions.
- A Data Processing Agreement (DPA) is available on request.
A4. Data Transfers to Non-EU Countries
We ensure GDPR-compliant safeguards, including:
- Standard Contractual Clauses (SCCs)
- Vendor compliance reviews
- Additional technical protections (encryption, access controls)
A5. Supervisory Authority Complaint
You have the right to lodge a complaint with your local data protection authority in the EU.