Reica is committed to protecting your privacy and ensuring compliance with the European Union's General Data Protection Regulation (GDPR). This page outlines how we safeguard your personal data and respect your rights.
As a technology company serving users across the European Union, Reica fully complies with GDPR requirements. We have implemented comprehensive data protection measures and respect all individual rights outlined in the regulation.
We process personal data only when we have a valid legal basis, such as consent, contract fulfillment, or legitimate interests.
We implement appropriate technical and organizational measures to ensure data security and prevent unauthorized access.
Under GDPR, you have specific rights regarding your personal data. Here's how to exercise them with Reica:
You have the right to know how we process your personal data.
How to exercise: Review our Privacy Policy or contact our DPO for detailed information.
You can request a copy of the personal data we hold about you.
How to exercise: Log into your account settings or email gdpr@getreica.com with subject "Data Access Request"
You can correct inaccurate or incomplete personal data.
How to exercise: Update information in your account profile or contact support for assistance.
You can request deletion of your personal data ("right to be forgotten").
How to exercise: Delete your account through settings or email gdpr@getreica.com with subject "Data Deletion Request"
You can limit how we process your data in certain circumstances.
How to exercise: Contact gdpr@getreica.com with specific processing restrictions you'd like to implement.
You can receive your data in a structured, machine-readable format.
How to exercise: Use the "Export Data" feature in your account or request a data export via email.
You can object to processing based on legitimate interests or for direct marketing.
How to exercise: Update your communication preferences or contact gdpr@getreica.com to object to specific processing.
We process your personal data based on the following lawful bases under GDPR Article 6:
When we transfer personal data outside the European Economic Area (EEA), we ensure adequate protection through:
We use EU-approved Standard Contractual Clauses for transfers to third countries, ensuring the same level of data protection as within the EU.
We only transfer data to countries with EU adequacy decisions, such as the UK, Switzerland, and Canada.
We implement technical measures like encryption and conduct regular assessments of third-country data protection laws.
We conduct Data Protection Impact Assessments for high-risk processing activities, including:
These assessments help us identify and mitigate privacy risks before implementing new features or processes.
In the unlikely event of a data breach, we follow strict GDPR procedures:
We notify the relevant supervisory authority within 72 hours of becoming aware of a breach.
We inform affected users without undue delay if the breach poses a high risk to their rights and freedoms.
We document all breaches, including facts, effects, and remedial actions taken.
For any GDPR-related questions or to exercise your rights, contact our Data Protection Officer:
Email: gdpr@getreica.com
Subject Line: GDPR Request - [Your Request Type]
Response Time: Within 30 days
If you believe we have not adequately addressed your GDPR concerns, you have the right to lodge a complaint with your local supervisory authority. Some key authorities include:
Website: edpb.europa.eu
Directory: EDPB Members
We regularly review and update our GDPR compliance practices. Any significant changes will be communicated through: