← Back to ShieldHerPro

GDPR Policy

Last updated: April 2026

1. Our Commitment

ShieldHerPro is fully committed to compliance with the General Data Protection Regulation (GDPR) for all users in the European Union and European Economic Area. As a Slovak Republic-based service, GDPR compliance is both a legal requirement and a core value.

2. Data Controller

Gill's Digital Studio
shieldherpro@gmail.com

3. Legal Basis for Processing

We process your personal data on the following legal bases:
  • Contract performance — to provide the service you subscribed to
  • Legitimate interest — to prevent fraud, abuse, and unauthorized access
  • Legal obligation — to maintain financial records as required by Slovak law
We do NOT process sensitive safety data (locations, messages, client details) — this data never leaves your device.

4. Data We Process

Personal data we collect and process:
  • Email address (account creation and communication)
  • Subscription and billing metadata (plan status, billing dates)
  • Usage metadata (tool access logs for account management)
Data we explicitly do NOT process:
  • Meeting locations entered in SafeMeet
  • Client names, photos, or notes entered in SafeMeet
  • SafeWords message content or contact details
  • Review content entered in ReviewShield
All of the above is processed entirely on your device and never transmitted to our servers.

5. Data Retention

  • Active account data: retained for the duration of your subscription
  • Post-cancellation: account data deleted within 90 days of cancellation
  • Billing records: retained for 7 years as required by Slovak tax law
  • On account deletion request: all personal data permanently deleted within 30 days

6. Your GDPR Rights

As an EU/EEA resident you have the following rights:
  • Right of access — request a copy of all personal data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request permanent deletion of your data (right to be forgotten)
  • Right to restriction — request that we limit how we process your data
  • Right to portability — request your data in a portable format
  • Right to object — object to processing based on legitimate interest
  • Right to withdraw consent — where processing is based on consent
To exercise any of these rights, contact us at shieldherpro@gmail.com. We will respond within 30 days at no charge.

7. Data Transfers

Your data is processed within the European Union. Our service providers (Supabase, Stripe) maintain GDPR-compliant data processing agreements and Standard Contractual Clauses where applicable. No data is transferred outside the EU/EEA without appropriate legal safeguards.

8. Data Breaches

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and notify affected users without undue delay.

9. Supervisory Authority

If you believe your GDPR rights have been violated, you have the right to lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov Slovenskej republiky) at dataprotection.gov.sk

10. Data Protection Contact

For all GDPR-related enquiries: shieldherpro@gmail.com