GDPR Compliance & Your Rights

Last updated: 8/28/2025

🛡️ Your Data Protection Rights

Under the General Data Protection Regulation (GDPR), you have enhanced control over your personal data. CalmParent is committed to respecting and protecting these rights.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation that came into force on May 25, 2018. It gives individuals greater control over their personal data and harmonizes data protection laws across EU member states.

Your Rights Under GDPR

Right to Access

Request a copy of all personal data we hold about you, including parenting records and usage analytics.

Right to Rectification

Correct any inaccurate or incomplete personal data we process about you.

Right to Erasure

Request deletion of your personal data when it's no longer necessary for our services.

Right to Portability

Receive your data in a structured, machine-readable format to transfer to another service.

Additional Rights

  • Right to Restrict Processing: Limit how we use your data in certain circumstances
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Rights Related to Automated Decision Making: Protection from solely automated decisions with significant effects
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

How CalmParent Complies with GDPR

Lawful Basis for Processing

  • Contract: Processing necessary to provide CalmParent services
  • Consent: Analytics, marketing communications (where applicable)
  • Legitimate Interest: Service improvement, fraud prevention

Data Protection by Design

  • Privacy considerations built into all new features
  • Data minimization: We only collect what's necessary
  • Pseudonymization and encryption where possible
  • Regular privacy impact assessments

Data Retention

  • Account data: Until account deletion + 30 days for recovery
  • Parenting records: Until you request deletion or account closure
  • Analytics data: Anonymized after 26 months
  • Communication logs: 3 years for support purposes

⚠️ Special Considerations for Parenting Data

We understand that parenting data is particularly sensitive. Here's how we protect it:

  • No personal details about children are stored permanently
  • AI conversations are processed but not retained with identifiers
  • Pattern data is anonymized and aggregated
  • You can export or delete all data at any time

International Data Transfers

CalmParent may transfer your data outside the European Economic Area (EEA) for:

  • AI Processing: Secure servers in the US with adequate protection
  • Cloud Storage: EU-based servers primarily, with GDPR compliance
  • Support Services: Only when necessary for customer support

All international transfers are protected by appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

How to Exercise Your Rights

Contact Our Data Protection Team

Email: privacy@calmparent.xyz

Subject Line: "GDPR Request - [Your Request Type]"

Response Time: Within 30 days (1 month) of receiving your request

Required Information:

  • • Full name and email associated with your account
  • • Specific right you wish to exercise
  • • Reason for your request (where applicable)
  • • Proof of identity (for security)

Data Protection Officer (DPO)

CalmParent has appointed a Data Protection Officer to oversee GDPR compliance and handle data protection queries:

Contact: dpo@calmparent.xyz
Response Time: 72 hours for acknowledgment, full response within 30 days

Right to Lodge a Complaint

If you're not satisfied with how we handle your data protection concerns, you have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State where you:

  • Habitually reside
  • Work
  • Believe an infringement of GDPR has occurred

🚨 Data Breach Notification

In the unlikely event of a data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, along with relevant supervisory authorities.

Updates to GDPR Compliance

We regularly review and update our GDPR compliance measures. Significant changes will be communicated through:

  • Email notification to registered users
  • Prominent notice on our website
  • Updates to our Privacy Policy
  • In-app notifications for mobile users

✅ Our GDPR Commitment

CalmParent is committed to the highest standards of data protection. We believe that respecting your privacy rights is not just a legal obligation, but fundamental to building trust with the parents who rely on our service during their most challenging moments.

Related Resources