Legal information
Privacy policy
Draft MyRetreat privacy policy requiring DPO approval.
Controller and scope
[TO COMPLETE AND APPROVE: identity and contact details of the controller, representative and DPO, where applicable.]
The intended scope covers accounts, workspace access, security, support requests and operations necessary to provide the service. Every actual processing activity must be inventoried before launch.
Purposes, legal bases and retention
[TO APPROVE: each purpose and legal basis, data category, recipient, processor and any transfer outside the EEA.]
[TO COMPLETE: retention and deletion rules for accounts, sessions, security logs, requests and contractual records.]
Your rights
Access, correction, deletion, restriction, objection and portability apply according to the processing concerned. The request process and response period must be confirmed.
[TO COMPLETE: rights-request channel and competent supervisory authority details.]