GDPR Compliance

1. Overview

This GDPR compliance statement outlines how incremental processes and protects personal data in accordance with the General Data Protection Regulation (GDPR) of the European Union.

2. Data Controller and Data Processor

incremental acts as both a Data Controller and a Data Processor:

• As a Controller for our users' account information
• As a Processor for PPC campaign data and analytics

3. Legal Basis for Processing

We process personal data under the following legal bases:

• Contractual necessity for service provision
• Legal obligations for compliance
• Legitimate business interests
• Explicit consent where required

4. Data Subject Rights

Under GDPR, you have the following rights:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

5. Data Protection Measures

We implement appropriate technical and organizational measures including:

• Encryption of personal data
• Regular security testing and assessments
• Access controls and authentication
• Data backup and recovery procedures
• Staff training on data protection

6. International Data Transfers

When transferring data outside the EEA, we ensure appropriate safeguards through:

• Standard contractual clauses
• Adequacy decisions
• Privacy Shield certification where applicable

7. Data Breach Procedures

In the event of a data breach, we will:

• Notify supervisory authorities within 72 hours
• Inform affected individuals without undue delay
• Document all breaches and remedial actions
• Review and update security measures

8. Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer:

Email: [email protected]