GDPR Compliance Statement

ArticleCentral.com

1. Introduction

ArticleCentral.com (“Company”, “we”, “us”, “our”) is committed to protecting personal data and complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

This statement explains how we ensure compliance with the GDPR when processing personal data of individuals located in the European Economic Area (EEA).

2. Data Controller

ArticleCentral.com
Florastrasse 20
5734 Reinach
Switzerland

Email: [email protected]

We act as the Data Controller for personal data collected through our website and services.

3. Lawful Basis for Processing

We process personal data only when we have a lawful basis under Article 6 GDPR:

Contractual Necessity (Art. 6(1)(b))
To provide digital products, AI agents, workflows, or services purchased.
Legal Obligation (Art. 6(1)(c))
To comply with tax, accounting, and regulatory requirements.
Legitimate Interest (Art. 6(1)(f))
For fraud prevention, platform security, and service optimization.
Consent (Art. 6(1)(a))
For marketing communications, analytics cookies, and optional services.

4. Data Minimization & Purpose Limitation

We collect only the personal data necessary to:

Process orders
Deliver digital products
Provide support
Improve service quality
Comply with legal obligations

We do not process personal data for unrelated purposes.

5. Data Subject Rights

Under the GDPR, individuals located in the EEA have the following rights:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right to withdraw consent at any time

To exercise these rights, please contact:
[Contact Email]

We respond to requests within one month as required by law.

6. Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

SSL encryption
Secure hosting infrastructure
Access control restrictions
Role-based internal permissions
Regular software updates and monitoring

7. Data Retention

Personal data is retained only as long as necessary:

Account data: for the duration of the account
Transaction data: as required by accounting laws
Marketing data: until consent is withdrawn
Support data: for documentation and legal protection

Data is securely deleted or anonymized after retention periods expire.

8. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards such as:

Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Contractual data processing agreements

9. Data Processing Agreements (DPAs)

Where we engage third-party service providers (e.g., hosting providers, payment processors, email service providers), we ensure that:

Data Processing Agreements (DPAs) are in place
Providers comply with GDPR requirements
Appropriate security standards are maintained

10. Data Breach Notification

In the event of a personal data breach, we:

Assess risk immediately
Notify the relevant supervisory authority within 72 hours where required
Inform affected individuals if legally required

11. Supervisory Authority

Individuals located in the EU/EEA have the right to lodge a complaint with their local data protection authority.

12. Contact

For GDPR-related inquiries, please contact: