GDPR Compliance

1. Introduction

Bager Technology Inc. ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This GDPR Compliance Statement explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR).

Bager Technology Inc. is a company registered in the United States with registered address at 166 Geary Street Ste 1500 San Francisco, CA, 94108 US.

This GDPR Compliance Statement should be read in conjunction with our Privacy Policy, Cookie Policy, and Terms of Service.

2. Data Controller

Bager Technology Inc. is the data controller responsible for your personal data. This means that we determine the purposes and means of processing your personal data.

Our contact details are:

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this GDPR Compliance Statement. If you have any questions about this statement, including any requests to exercise your legal rights, please contact the DPO via email at hey@bagertechnology.com.

3. GDPR Principles

We adhere to the principles set out in the GDPR when processing your personal data, which means that your data will be:

• Processed lawfully, fairly, and transparently: We are clear about how we collect and use your data and will only process it in ways you would reasonably expect.
• Collected for specified, explicit, and legitimate purposes: We only collect your data for specific purposes and will not use it for anything else without your consent.
• Adequate, relevant, and limited: We only collect what we need for the purposes we've explained to you.
• Accurate and kept up to date: We keep your data accurate and up to date, correcting any inaccuracies without delay.
• Kept for no longer than necessary: We don't keep your data for longer than we need it.
• Processed securely: We protect your data from unauthorized or unlawful processing, accidental loss, destruction, or damage.

4. Lawful Basis for Processing

Under the GDPR, we must have a lawful basis for processing your personal data. The lawful bases we rely on are:

5. Your Rights Under GDPR

Under the GDPR, you have the following rights, which we will always work to uphold:

To exercise any of these rights, please contact us at hey@bagertechnology.com.

6. International Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA). When we do, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use service providers based outside the EEA, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (Standard Contractual Clauses).
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data outside the EEA.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data are available in our Privacy Policy.

9. Children's Data

Our Services are not intended for children under the age of 16, and we do not knowingly collect data relating to children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete that information as soon as possible.

10. Changes to this GDPR Compliance Statement

We may update this GDPR Compliance Statement from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this page. We encourage you to review this statement periodically to stay informed about how we are protecting your information.

11. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us at hey@bagertechnology.com.

You also have the right to complain to the California Privacy Protection Agency (CPPA), the supervisory authority for data protection issues in California. Their contact details are:

However, we would appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.