Screenshotly

GDPR Compliance

Last updated: February 28, 2026

Our Commitment to GDPR

Screenshotly is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract: To provide our screenshot API service and process payments
  • Legitimate Interests: To improve our service, prevent fraud, and ensure security
  • Consent: For marketing communications and optional analytics
  • Legal Obligation: To comply with applicable laws and regulations

Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access

You can request access to your personal data and information about how we process it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request limitation of processing in specific situations.

Right to Data Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing.

Data Protection Measures

  • End-to-end encryption for all data transmission
  • Secure data storage with regular backups
  • Access controls and authentication measures
  • Regular security audits and assessments
  • Data minimization - we only collect necessary data
  • Purpose limitation - data used only for stated purposes

Data Retention

We retain personal data only as long as necessary:

  • Account Data: Retained while your account is active
  • API Logs: Automatically deleted after 30 days
  • Payment Data: Retained for 7 years for tax compliance
  • Marketing Data: Until you withdraw consent

International Transfers

Our services are hosted on secure infrastructure with appropriate safeguards:

  • EU data is processed within the EU where possible
  • Third-party processors are carefully vetted
  • Standard Contractual Clauses used for transfers outside EU
  • Regular monitoring of data protection compliance

Data Breach Procedures

In the unlikely event of a data breach:

  • We will assess the breach within 24 hours
  • Relevant authorities will be notified within 72 hours if required
  • Affected individuals will be informed without undue delay
  • Immediate steps will be taken to contain and remedy the breach

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: gdpr@screenshotly.app
Subject: GDPR Request - [Your Request Type]
Response Time: Within 30 days

We may need to verify your identity before processing your request to ensure data security.

Contact Our DPO

If you have any questions about our GDPR compliance or wish to file a complaint, you can contact our Data Protection Officer at dpo@screenshotly.app or lodge a complaint with your local supervisory authority.