Infilove - Share Your Heart, Connect Forever

1. Introduction

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It applies to all organizations processing the personal data of individuals in the European Union (EU), regardless of where the organization is based.

At Infilove, we are committed to protecting your privacy and ensuring compliance with GDPR. This page outlines how we comply with GDPR requirements and explains your rights under this regulation.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: You have given clear consent for us to process your personal data for specific purposes
Contract: Processing is necessary to fulfill our contract with you (providing the Service)
Legal Obligation: Processing is necessary to comply with legal obligations
Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our service and preventing fraud

3. Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used, and machine-readable format.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure ("Right to be Forgotten")

You have the right to request that we delete your personal data in certain circumstances, such as when:

The data is no longer necessary for the purpose it was collected
You withdraw consent and there is no other legal basis for processing
You object to processing and there are no overriding legitimate grounds
The data has been unlawfully processed
Deletion is required to comply with a legal obligation

Right to Restriction of Processing

You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement of GDPR occurred.

4. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: contact@infilove.app

We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by two additional months, and we will inform you of any such extension.

Some features in your account settings allow you to directly:

View and edit your personal information
Download your data
Delete your account
Manage privacy settings

5. Data Protection Measures

Technical Measures

Encryption of data in transit and at rest
Regular security assessments and updates
Secure authentication mechanisms
Access controls and authorization systems
Regular backups and disaster recovery procedures

Organizational Measures

Staff training on data protection
Data protection policies and procedures
Privacy by design and by default principles
Regular privacy impact assessments
Data breach notification procedures

6. Data Processing and Storage

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

Account data: Retained while your account is active and for 30 days after deletion
Memorial pages: Retained while active and for 30 days after deletion
Analytics data: Anonymized after 24 months
Payment data: Retained as required by law (typically 7 years)

International Data Transfers

Your data may be transferred to and processed in countries outside the EU. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions recognizing equivalent data protection
Binding Corporate Rules where applicable

7. Third-Party Processors

We work with third-party service providers who process personal data on our behalf. We ensure all processors:

Provide sufficient guarantees of GDPR compliance
Process data only on our documented instructions
Implement appropriate technical and organizational measures
Maintain confidentiality of personal data
Assist us in meeting our GDPR obligations

8. Data Breach Notification

In the event of a personal data breach, we will:

Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (where required)
Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
Document all data breaches, including facts, effects, and remedial action taken

9. Children's Privacy

Our service is not directed to children under 16 years of age (or the applicable age of digital consent in your jurisdiction). If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

10. Updates to This Page

We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.

11. Contact Information

For any questions about GDPR compliance or to exercise your rights, please contact:

General Privacy Inquiries & Support: contact@infilove.app

12. Supervisory Authority

If you are located in the EU and have concerns about our data processing practices, you have the right to lodge a complaint with your local supervisory authority. You can find your local supervisory authority at: https://edpb.europa.eu/about-edpb/board/members_en

GDPR Compliance

1. Introduction

2. Legal Basis for Processing

3. Your Rights Under GDPR

Right to Access

Right to Rectification

Right to Erasure ("Right to be Forgotten")

Right to Restriction of Processing

Right to Data Portability

Right to Object

Right to Withdraw Consent

Right to Lodge a Complaint

4. How to Exercise Your Rights

5. Data Protection Measures

Technical Measures

Organizational Measures

6. Data Processing and Storage

Data Retention

International Data Transfers

7. Third-Party Processors

8. Data Breach Notification

9. Children's Privacy

10. Updates to This Page

11. Contact Information

12. Supervisory Authority

GDPR Compliance

1. Introduction

2. Legal Basis for Processing

3. Your Rights Under GDPR

Right to Access

Right to Rectification

Right to Erasure ("Right to be Forgotten")

Right to Restriction of Processing

Right to Data Portability

Right to Object

Right to Withdraw Consent

Right to Lodge a Complaint

4. How to Exercise Your Rights

5. Data Protection Measures

Technical Measures

Organizational Measures

6. Data Processing and Storage

Data Retention

International Data Transfers

7. Third-Party Processors

8. Data Breach Notification

9. Children's Privacy

10. Updates to This Page

11. Contact Information

12. Supervisory Authority