GDPR Compliance

Your data protection rights under European law

GDPR Compliant since May 25, 2018 | Last updated: December 28, 2024

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens data protection for individuals within the European Union (EU) and applies to any organization that processes personal data of EU residents.

Blogur is fully GDPR compliant

We have implemented comprehensive measures to ensure your personal data is protected in accordance with GDPR requirements.

Your rights under GDPR

If you are a resident of the European Union, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data and information about how we process it.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or incomplete.

Right to Erasure

You have the right to request that we erase your personal data under certain conditions ("right to be forgotten").

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data under certain conditions.

Right to Object

You have the right to object to our processing of your personal data under certain conditions.

Right to Data Portability

You have the right to request that we transfer your data to another organization or directly to you in a structured, commonly used format.

How we protect your data

We have implemented several measures to ensure GDPR compliance:

Technical Safeguards
  • Data encryption in transit and at rest
  • Regular security audits and penetration testing
  • Access controls and authentication systems
  • Automated backup and disaster recovery systems
Organizational Measures
  • Privacy by design in all our systems
  • Regular staff training on data protection
  • Data Protection Impact Assessments (DPIAs)
  • Clear data retention and deletion policies
Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent: When you have given clear consent for us to process your data
  • Contract: When processing is necessary for a contract with you
  • Legal obligation: When we must process data to comply with the law
  • Legitimate interests: When we have legitimate business interests

Data transfers outside the EU

We may transfer your personal data to countries outside the European Economic Area (EEA). When we do, we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Certification schemes and codes of conduct

Data retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account data: Until you delete your account or request deletion
  • Transaction data: For 7 years as required by tax and accounting laws
  • Marketing data: Until you withdraw consent or object to processing
  • Support data: For 3 years after case closure

Making a GDPR request

To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within 30 days.

What we need from you:
  • Clear identification of the right you wish to exercise
  • Sufficient information to verify your identity
  • Specific details about your request
Contact Information

Complaints and supervisory authority

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority.

You can find your local Data Protection Authority at: European Data Protection Board

We encourage you to contact us first so we can address your concerns directly.