GDPR

Learn about FilesPlay's GDPR compliance and your data protection rights under the General Data Protection Regulation.

GDPR Compliance

Last Updated: May 6, 2026

FilesPlay is committed to compliance with the General Data Protection Regulation (GDPR) and protecting the privacy rights of all users, particularly those in the European Union.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and addresses the export of personal data outside the EU.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

1. Right to Access

You have the right to request access to your personal data and obtain information about how we process it.

2. Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed.

3. Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data under certain circumstances, such as when:

  • The data is no longer necessary for the original purpose
  • You withdraw consent
  • The data has been unlawfully processed

4. Right to Restrict Processing

You have the right to request that we limit how we use your personal data in certain circumstances.

5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

6. Right to Object

You have the right to object to processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

7. Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produces legal effects concerning you.

How We Comply with GDPR

Lawful Basis for Processing

We process your personal data based on:

  • Consent: When you have given clear consent for us to process your data
  • Contract: When processing is necessary for the performance of a contract
  • Legal Obligation: When we need to comply with legal requirements
  • Legitimate Interests: When processing is necessary for our legitimate business interests

Data Protection Measures

We implement appropriate technical and organizational measures to ensure data security:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Data backup and recovery procedures
  • Staff training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected users without undue delay.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us through our contact page or email us at the address provided. We will respond to your request within one month.

Data Protection Officer

If you have concerns about how we handle your personal data, you can contact our Data Protection Officer (DPO) through our contact page.

Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Other approved transfer mechanisms

Updates to This Policy

We may update this GDPR information page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.

Contact Us

For questions about GDPR compliance or to exercise your rights, please contact us through our contact page.