Legal

GDPR Compliance

Last updated: January 2025

1. Our Commitment to GDPR

Sintora Labs is committed to protecting your personal data and respecting your privacy rights in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights as a data subject.

2. Data Controller Information

Sintora Labs acts as the data controller for personal data collected through our website and services. For data protection inquiries, please contact:

Data Protection Contact

Email: gdpr@sintoralabs.com

3. Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Contract: Processing necessary for the performance of a contract with you
  • Legitimate Interest: Processing necessary for our legitimate business interests
  • Consent: Processing based on your explicit consent
  • Legal Obligation: Processing necessary to comply with legal requirements

4. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access

You can request a copy of your personal data that we hold.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Erasure

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request limitation of how we use your data.

Right to Data Portability

You can request your data in a machine-readable format.

Right to Object

You can object to processing based on legitimate interests.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Retention periods vary based on:

  • The nature of the data and the purpose of processing
  • Legal and regulatory requirements
  • Contractual obligations
  • Business operational needs

6. International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequate data protection laws
  • Other legally approved transfer mechanisms

7. Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection
  • Incident response procedures

8. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk to you, we will also notify you directly.

9. Exercising Your Rights

To exercise any of your rights under GDPR, please submit a request to:

Email: gdpr@sintoralabs.com

Subject: GDPR Data Subject Request

We will respond to your request within 30 days. In complex cases, we may extend this period by up to two additional months, and we will inform you of any such extension.

10. Complaints

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. You can contact the supervisory authority in your country of residence or where the alleged violation occurred.

11. Updates to This Notice

We may update this GDPR compliance notice from time to time. We will notify you of any material changes by posting the updated notice on our website.