GDPR (XL)

GDPR (XL) — Additional Information for International Users

This page is an addition to our main page INFORMATION OBLIGATION (Art. 13 GDPR). It provides supplementary privacy information for users outside the EU/EEA.

Our primary legal framework is the EU General Data Protection Regulation (GDPR). For users from certain countries, additional transparency notices are provided to reflect typical local privacy expectations.

1. United States (US Privacy)

  • We do not sell personal data.
  • Users may request deletion, correction, or restriction of their data at any time.
  • Upon request, we provide full access to all personal data stored about the user.

These statements meet basic U.S. privacy principles.

2. Canada (PIPEDA)

  • Personal data is used only for clearly defined purposes.
  • Users may request access to and correction of their personal data at any time.
  • Data is retained only as long as necessary to provide our services.

3. Australia (APP – Australian Privacy Principles)

  • We process personal data transparently and purpose-bound.
  • Users may request access to the data we store about them.
  • No data is shared with third parties except when legally required.

4. Switzerland

  • We also follow the Swiss Federal Data Protection Act (revDSG) where applicable.
  • Data is processed only when necessary for service provision.
  • Users may request deletion or access at any time.

5. United Kingdom (UK GDPR)

  • We apply UK GDPR principles in alignment with the EU GDPR.
  • User rights include access, rectification, erasure, restriction, and objection.

6. China

  • We do not collect sensitive biometric data beyond the identity check performed by Stripe.
  • Data transfers to Europe occur only in encrypted form.
  • Users may request access or deletion at any time.

7. Philippines / Thailand

  • Data is processed solely to provide our services.
  • No data is shared with third parties for marketing purposes.
  • Users may request access, correction, or deletion at any time.

Important Notice for All Non-EU/EEA Countries

These supplementary notes do not change the following:

  • The legally binding and primary framework is always the EU GDPR and our INFORMATION OBLIGATION.
  • This page exists solely to provide additional transparency for users outside the EU/EEA.