Liflio is committed to protecting your personal data and ensuring full compliance with the General Data Protection Regulation (GDPR).
Last updated: January 22, 2025 • Effective Date: January 22, 2025
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to all organizations processing personal data of EU/EEA residents. At Liflio, we've implemented robust measures to ensure full compliance.
All individuals whose personal data we process
Strict security measures and privacy by design
Clear information about how we use your data
Under GDPR, you have the following rights regarding your personal data:
Request a copy of all personal data we hold about you, including how it's used and who it's shared with.
Correct any inaccurate or incomplete personal data we hold about you.
Request deletion of your personal data ("right to be forgotten") under certain circumstances.
Export your personal data in a machine-readable format to transfer to another service.
Limit how we process your personal data under certain circumstances.
Object to processing of your personal data for marketing or other legitimate interests.
Withdraw your consent at any time where processing is based on consent.
File a complaint with your local data protection authority if you believe we've violated GDPR.
You can exercise your GDPR rights through multiple channels. We aim to respond to all requests within 30 days.
Identity Verification: To protect your privacy, we may need to verify your identity before processing certain requests. This helps prevent unauthorized access to your personal data.
We process your personal data based on the following legal grounds under GDPR:
Processing necessary to provide our services, manage your account, and fulfill our contractual obligations.
Processing for legitimate business purposes where our interests don't override your privacy rights.
Processing based on your explicit consent, which you can withdraw at any time.
Processing required to comply with legal obligations and regulatory requirements.
We implement appropriate technical and organizational measures to ensure data security:
When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place:
Transfers to countries with adequate data protection levels as recognized by the European Commission.
EU-approved contract terms that ensure appropriate data protection standards.
Internal policies approved by data protection authorities for intra-group transfers.
Industry-recognized certifications that demonstrate compliance with GDPR requirements.
Supervisory Authority: If you're not satisfied with our response to your privacy request, you can contact your local data protection authority. For EU residents, find your authority at EDPB member list.