GDPR Compliance
Last updated: May 2025
Our commitment
BCINexus is committed to full compliance with the General Data Protection Regulation (GDPR) for all users in the European Economic Area. This page explains your rights, our legal bases for processing, and how to exercise your rights.
Legal bases for processing
- Contract performanceProcessing your account information to provide the services you signed up for.
- Legitimate interestsAnonymised usage analytics to improve the product (you can opt out at any time).
- Legal obligationRetaining billing records for the legally required period.
- ConsentSending marketing emails, you may withdraw consent at any time.
Your rights under GDPR
Right of Access
Request a copy of all personal data we hold about you.
Right to Rectification
Correct inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a machine-readable format (JSON).
Right to Object
Object to processing based on legitimate interests.
Right to Restrict
Request that we limit how we use your data while a dispute is resolved.
Exercising your rights
Submit a request via your account settings or email privacy@bcinexus.io. We will respond within 30 days. For complex requests we may ask for identity verification before actioning.
Data transfers outside the EEA
When we transfer personal data outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission. Our infrastructure providers are bound by equivalent data protection agreements.