Converso is committed to compliance with the General Data Protection Regulation (GDPR). This page explains your rights under GDPR and how we protect your personal data.
GDPR-Compliant
We process personal data in accordance with GDPR requirements and respect your fundamental rights regarding your personal information.
What is GDPR?
The General Data Protection Regulation (GDPR) is a European Union regulation that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the EU and addresses the export of personal data outside the EU.
GDPR gives you greater control over your personal data and ensures that organizations handle your data responsibly and transparently.
Your Rights Under GDPR
As a data subject, you have the following rights:
Right to Access
You can request a copy of the personal data we hold about you, including how it's being processed.
Right to Rectification
You can request correction of inaccurate or incomplete personal data.
Right to Erasure
You can request deletion of your personal data in certain circumstances (also known as 'the right to be forgotten').
Right to Restrict Processing
You can request that we limit how we use your personal data in certain circumstances.
Right to Data Portability
You can request a copy of your data in a structured, machine-readable format.
Right to Object
You can object to processing of your personal data for certain purposes, such as direct marketing.
Right to Withdraw Consent
Where processing is based on consent, you can withdraw your consent at any time.
Right to Lodge a Complaint
You have the right to file a complaint with your local data protection authority.
How We Process Your Data
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contract: To fulfill our contractual obligations and provide the Service
- Consent: When you have given explicit consent for specific processing activities
- Legitimate Interest: For purposes such as security, fraud prevention, and service improvement
- Legal Obligation: To comply with applicable laws and regulations
Data Minimization
We follow the principle of data minimization, collecting only the personal data that is necessary for the purposes for which it is processed.
Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication mechanisms
- Employee training on data protection
- Incident response procedures
- Regular backups and disaster recovery plans
Data Processing Agreements
When we use third-party service providers (data processors) to help us deliver our Service, we ensure they meet GDPR requirements through Data Processing Agreements (DPAs).
Our Data Processors Include:
- Cloud hosting providers (for data storage)
- Payment processors (for transaction processing)
- Analytics providers (for usage statistics)
- Email service providers (for communications)
All our data processors are contractually obligated to protect your data and comply with GDPR requirements.
Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected users without undue delay.
Exercising Your Rights
To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within one month (or within two months for complex requests).
GDPR Request Form
Email: privacy@converso.com
When making a request, please include:
- Your full name and email address
- The specific right you wish to exercise
- Any relevant details to help us process your request
Data Protection Officer
If you have any questions or concerns about how we handle your personal data under GDPR, you can contact our Data Protection Officer:
Data Protection Officer
Email: dpo@converso.com
For more information about how we handle your personal data, please refer to our Privacy Policy.
This GDPR page was last updated on January 16, 2026.