QByteSoft
Regulation

GDPR Compliance

Commitment to the protection of personal data and data security requirements under the General Data Protection Regulation (GDPR) for all European Union residents.

1. Our Data Protection Commitments

QByteSoft acts primarily as a **Data Controller** when handling website inquiries, and as a **Data Processor** when delivering custom platforms, cloud pipelines, or Shopify setups for our clients. We adhere strictly to core GDPR principles:

  • Lawfulness, fairness, and transparency: We explain what we collect and use it only for declared purposes.
  • Purpose limitation: Data is not recycled or shared for unrelated processes.
  • Data minimization: We collect only the minimum info needed to schedule consultations or host SaaS accounts.
  • Storage limitation: We retain data only as long as necessary for business, tax, and legal requirements.
  • Integrity and confidentiality: Data is secured using encrypted connections and standard cloud storage isolation.

2. Data Subject Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you possess the following rights regarding your personal records:

Right of Access

You can request full confirmation and details on how we process your personal data.

Right to Rectification

You can demand that we correct inaccurate or outdated information immediately.

Right to Erasure

You can ask that we delete all your records ("Right to be Forgotten") if retention is not required by law.

Right to Object & Restrict

You can object to our processing bases, including marketing emails or vector parsing.

3. Third-Party Data Processors

QByteSoft uses sub-processors to assist in delivering development contracts and business operations. Each processor is vetted to ensure GDPR alignment:

  • Cloud Infrastructure: AWS (EU regions where requested) and Coolify platform containers.
  • Payment Services: Stripe Inc. (compliant under PCI-DSS and EU data transfer frameworks).
  • AI Services: Custom vector indexes built on AWS, with APIs routing through OpenAI and Google Gemini (processing requests on opt-in, ensuring zero data retention for training purposes).

Submit a Data Subject Request

If you wish to access, correct, port, or request the deletion of your personal records from QByteSoft servers, please contact our Data Protection Officer (DPO):

info@qbytesoft.com