GDPR Compliance
Your data protection rights under the General Data Protection Regulation and how Eggi ensures compliance.
What is GDPR?
Protection
GDPR protects EU citizens' personal data and privacy rights.
Rights
Gives you control over how your personal data is collected and used.
Global
Applies to any company processing EU citizens' data worldwide.
Eggi's GDPR Commitment
As a Netherlands-based company, Eggi is fully committed to GDPR compliance. We have implemented comprehensive data protection measures, appointed a Data Protection Officer, and designed our systems with privacy by design principles.
This page explains your rights under GDPR and how you can exercise them when using Eggi.
Your Data Protection Rights
Right to Access
Request a copy of all personal data we hold about you.
Right to Rectification
Correct any inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Restrict Processing
Limit how we process your personal data in certain circumstances.
Right to Data Portability
Receive your data in a structured format and transfer it to another service.
Right to Object
Object to processing for direct marketing or legitimate interests.
Why We Process Your Data
Under GDPR, we must have a lawful basis for processing your personal data. Here are the legal grounds we rely on:
✅ Consent
What: Marketing emails, location tracking, analytics cookies
Why: You have given clear consent for specific purposes
Your control: Withdraw consent anytime in app settings
📄 Contract Performance
What: Account creation, app functionality, customer support
Why: Necessary to provide the Eggi service you signed up for
Your control: Required for service delivery; deletion ends service
⚖️ Legitimate Interests
What: Product improvement, fraud prevention, security
Why: Necessary for our business while respecting your privacy
Your control: Object to processing; we'll stop unless compelling grounds exist
🏛️ Legal Obligation
What: Tax records, regulatory compliance, law enforcement requests
Why: Required by Dutch or EU law
Your control: Cannot object; legally required processing
International Data Transfers
🇪🇺 EU/EEA Processing
We primarily process your data within the EU/EEA, including our primary servers in Amsterdam.
- • Primary data centers in Netherlands
- • Backup systems in Germany
- • Customer support in Amsterdam
🌍 Third Country Transfers
Some service providers are located outside the EU. We ensure adequate protection through:
- • Standard Contractual Clauses (SCCs)
- • Adequacy decisions
- • Additional security measures
🔒 Transfer Safeguards
All international data transfers are protected by appropriate safeguards as required by GDPR Articles 44-49. We regularly review and update our transfer mechanisms to ensure continued compliance.
How to Exercise Your Rights
📱 Through the App
- 1. Go to Settings → Privacy & Data
- 2. Select the right you want to exercise
- 3. Follow the guided process
- 4. Receive confirmation of your request
📧 By Email
- 1. Email [email protected]
- 2. Include your account email
- 3. Specify which right you want to exercise
- 4. We'll respond within 30 days
⏱️ Response Times
File a Complaint
Not satisfied with how we handled your data rights request? You have the right to complain.
🏢 Contact Us First
We encourage you to contact our Data Protection Officer first. Most issues can be resolved quickly.
🏛️ Supervisory Authority
You can file a complaint with the Dutch Data Protection Authority or your local data protection authority.