camberin

GDPR Compliance

Last updated: May 20, 2026

Camberin is committed to complying with the General Data Protection Regulation (EU) 2016/679.

1. Lawful basis for processing

We process personal data under these bases:

  • Contract: to provide the service you signed up for
  • Legitimate interest: to secure and improve the service
  • Consent: for optional features like analytics cookies
  • Legal obligation: to comply with tax and accounting laws

2. Data minimization

We collect only data necessary to operate Camberin. Workspace content is under your control.

3. Data subject rights

EU and UK residents have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate data
  • Erasure: request deletion of your data
  • Restriction: limit processing in certain circumstances
  • Objection: object to processing based on legitimate interest
  • Portability: receive your data in a machine-readable format
  • Withdraw consent at any time

To exercise rights, email privacy@camberin.com with subject "GDPR Request". We verify identity and respond within 30 days.

4. Data Processing Agreement

Business customers can request our Data Processing Agreement (DPA) which includes Standard Contractual Clauses for international transfers.

Email legal@camberin.com to sign a DPA.

5. Subprocessors

We use vetted subprocessors for hosting, analytics, payment processing, and support. Current list is available on request.

We require subprocessors to provide GDPR-level protections.

6. Data breaches

We maintain an incident response plan. In case of a personal data breach, we will notify affected users and the relevant supervisory authority within 72 hours where feasible.

7. Data retention

  • Account data: retained while account is active
  • Content data: retained until deleted by user
  • Backups: deleted within 90 days of deletion request
  • Logs: retained for 12 months for security purposes

8. International transfers

Primary hosting is in the EU. Where data is transferred outside the EEA, we use Standard Contractual Clauses and additional safeguards.

9. Data Protection Officer

Contact: dpo@camberin.com

10. Complaints

You have the right to lodge a complaint with your local supervisory authority if you believe we have not addressed your concerns.