Your data protection rights under the General Data Protection Regulation (GDPR)
Last updated: January 20, 2025
Fieldero is committed to protecting the privacy and data rights of individuals in the European Economic Area (EEA), United Kingdom, and Switzerland. We comply fully with the General Data Protection Regulation (GDPR) and related data protection laws.
This page explains your rights under GDPR, how we process your personal data, and how you can exercise your rights. For comprehensive information about our data practices, please also review our Privacy Policy.
Under GDPR, we must have a lawful basis to process your personal data. We rely on the following legal bases:
Processing necessary to provide the Service and fulfill our contractual obligations to you (e.g., account management, service delivery, payment processing).
Processing necessary for our legitimate business interests (e.g., fraud prevention, service improvement, analytics) where not overridden by your data protection rights.
Where you have explicitly consented to specific processing activities (e.g., marketing emails, optional cookies). You can withdraw consent at any time.
Processing required to comply with legal obligations (e.g., tax reporting, financial record-keeping, responding to lawful requests from authorities).
As a data subject under GDPR, you have the following rights:
You have the right to request confirmation that we process your personal data and obtain a copy of that data. You can also request information about:
You have the right to request correction of inaccurate personal data or completion of incomplete data. You can update most information directly in your account settings or contact us for assistance.
You have the right to request deletion of your personal data in certain circumstances:
Note: This right is not absolute. We may need to retain certain data to comply with legal obligations (e.g., financial records for 7 years).
You can request that we limit how we process your data in certain situations:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format (e.g., CSV, JSON) and transmit it to another controller.
This right applies when processing is based on consent or contract and is carried out by automated means.
You have the right to object to processing based on legitimate interests or for direct marketing purposes:
You have the right not to be subject to decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects.
Current Status: Fieldero does not currently use automated decision-making or profiling that would significantly affect you. If this changes, we will notify you and obtain consent where required.
You can exercise your GDPR rights in the following ways:
Access, update, export, or delete your data directly through your account settings.
Go to Account Settings →Send an email to our Data Protection Officer with your request. Please include "GDPR Request" in the subject line and verify your identity.
Email: contact@fieldero.io
We will respond to your request within one month of receipt. In complex cases, we may extend this by two additional months, and we'll inform you of any delay.
Fieldero is based in the United States. When you use our Service, your personal data may be transferred to and processed in the US or other countries outside the EEA.
Safeguards in Place:
For more information about our data transfer safeguards, contact our Data Protection Officer at contact@fieldero.io.
We have appointed a Data Protection Officer to oversee our GDPR compliance. You can contact our DPO with any questions or concerns about how we process your personal data:
Email: contact@fieldero.io
Subject Line: Please include "GDPR Inquiry" or "DPO Request"
Response Time: We aim to respond within 72 hours
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority in the EEA country where you:
Note: We encourage you to contact us first so we can address your concerns directly. However, this does not affect your right to lodge a complaint with a supervisory authority.
Find your supervisory authority: European Data Protection Board - Member List
We retain personal data only for as long as necessary for the purposes outlined in our Privacy Policy:
| Data Type | Retention Period |
|---|---|
| Account data (active account) | Duration of account + 90 days after closure |
| Financial records (invoices, payments) | 7 years (legal requirement) |
| Marketing consent records | Until consent is withdrawn + 3 years |
| Analytics data | 24 months (anonymized) |
| Support tickets | 3 years after resolution |
| Backup copies | 90 days (then permanently deleted) |
Our Service is not directed at children under 16 years of age (or the applicable age of digital consent in your country). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at contact@fieldero.io and we will delete it.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
TLS/SSL for data in transit, AES-256 for data at rest
Role-based access, MFA, principle of least privilege
24/7 security monitoring, intrusion detection, audit logs
Security assessments, penetration testing, compliance audits
In the event of a personal data breach that poses a risk to your rights and freedoms, we will:
We may update this GDPR information page from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. Material changes will be communicated via email or prominent notice in the Service.
Our Data Protection Officer is here to help. We're committed to transparency and protecting your privacy rights under GDPR.