Home
Brandmoshai
Brandmoshai
Brandmoshai
Start a project
Log inSign up

GDPR Compliance

Last updated: March 20, 2026

Brandmoshai is committed to protecting the privacy and rights of individuals in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR when handling personal data of EU/EEA residents.

1. Lawful Basis for Processing

We process personal data only when we have a lawful basis:

  • Contractual necessity: Processing required to fulfill our service agreements.
  • Legitimate interest: To improve services, ensure security, and communicate updates.
  • Consent: For marketing communications and non-essential cookies.
  • Legal obligation: When required by applicable law.

2. Your Rights Under GDPR

If you are an EU/EEA resident, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests.

3. Data Protection Officer

For GDPR inquiries, contact our data protection team at [email protected]. We aim to respond within 30 days.

4. Data Transfers

When personal data is transferred outside the EU/EEA, we ensure appropriate safeguards including Standard Contractual Clauses (SCCs) and data processing agreements with our service providers.

5. Data Breach Notification

In the event of a data breach posing risk to data subjects, we will notify the relevant supervisory authority within 72 hours. Affected individuals will also be notified without undue delay.

6. Data Minimization

We collect only the personal data necessary for its intended purpose. We regularly review data collection practices.

7. Data Retention

Personal data is retained only as long as necessary. Client project data is retained for 12 months post-completion unless a longer retention is legally required.

8. Third-Party Processors

We use select third-party services that may process personal data:

  • Cloud hosting and storage providers
  • Analytics and website optimization tools
  • Payment processing services
  • Communication and project management platforms

All processors are bound by data processing agreements ensuring GDPR compliance.

9. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can resolve concerns directly.

Legal

Terms & ConditionsPrivacy PolicyRefund PolicyGDPR Compliance

Need help?

Have a question about our policies? We're here to help.

Contact us