GDPR Compliance

Aurocle Software is fully committed to GDPR compliance. We process personal data lawfully, fairly, and transparently. This page outlines our specific GDPR measures.

For GDPR inquiries, contact our Data Protection team: Email: info@aurocle.world Address: Avenue de la Renaissance 1, 1000 Brussels, Belgium

We process data under Article 6 of GDPR: (a) Consent — for WhatsApp communications and marketing (b) Contract — for proposal generation and service delivery (f) Legitimate Interest — for analytics and service improvement

Right of Access (Art. 15): Request a copy of your data within 30 days. Right to Rectification (Art. 16): Correct inaccurate personal data. Right to Erasure (Art. 17): Request deletion of your data. Right to Restrict Processing (Art. 18): Limit how we use your data. Right to Data Portability (Art. 20): Receive your data in a machine-readable format. Right to Object (Art. 21): Object to processing based on legitimate interest. Exercise any right by emailing info@aurocle.world. We respond within 30 days.

We maintain records of all processing activities as required by Article 30. Categories of data processed: contact information, company data, proposal interaction data, payment data, communication logs.

We conduct DPIAs for high-risk processing activities, including our AI proposal engine that processes company data from public sources.

We use the following sub-processors: MongoDB Atlas (EU) — Database hosting Stripe (EU/US) — Payment processing Twilio (US) — SMS and WhatsApp OpenAI (US) — AI text generation All sub-processors are bound by Data Processing Agreements with SCCs.

In the event of a data breach, we will notify the relevant supervisory authority within 72 hours and affected data subjects without undue delay, as required by Articles 33 and 34.

Transfers to the US (OpenAI, Twilio, Stripe) are protected by Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework where applicable.

You have the right to lodge a complaint with your local supervisory authority. In Belgium: Gegevensbeschermingsautoriteit (GBA). In the UK: Information Commissioner's Office (ICO).