Jaytech GDPR Compliance Policy

Effective Date: May 11, 2026

1. Scope & Commitment

Jaytech’s, headquartered in Indianapolis, Indiana, is committed to full compliance with the General Data Protection Regulation (GDPR) when processing personal data of individuals in the European Union (EU) and European Economic Area (EEA).

As a full-service digital agency specializing in web design, digital marketing, AI automation, and business IT solutions, we ensure that all personal data is handled with transparency, security, and accountability—regardless of client location.

2. Lawful Basis for Data Processing

We process personal data strictly under lawful GDPR conditions (Article 6), including:

  • Contractual Necessity: To deliver services such as website development, digital marketing campaigns, and IT support
  • Consent: For email marketing, cookies, and AI-driven automation tools (opt-in required)
  • Legal Obligation: To comply with financial, tax, or regulatory requirements
  • Legitimate Interests: For fraud prevention, performance optimization, and service improvement while respecting user rights

3. Roles & Responsibilities

Depending on the service provided, Jaytech operates as:

  • Data Controller: For business and client data we collect directly
  • Data Processor: When handling customer data on behalf of clients (e.g., CRM systems, chatbot automation, analytics platforms)

4. Your Data Protection Rights

We fully support all GDPR data subject rights (Articles 12–23):

  • Right of Access: Request a copy of your personal data (within 30 days)
  • Right to Rectification: Correct inaccurate or incomplete data (within 15 days)
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data (within 30 days, unless legally required)
  • Right to Restrict Processing: Temporarily limit how your data is used (within 5 business days)
  • Right to Data Portability: Receive your data in a structured format (JSON/CSV)
  • Right to Object: Opt out of direct marketing or automated processing (processed within 48 hours)

Submit Requests:
📧 gdpr@jaytech.live

5. Third-Party Data Processors

To deliver high-quality digital solutions, hosting, and marketing services, we partner with GDPR-compliant vendors under signed Data Processing Agreements (DPAs):

  • Cloud Hosting Providers (e.g., AWS): Secure infrastructure with encryption safeguards
  • CRM Platforms (e.g., GoHigh Level): Customer relationship management and marketing automation
  • Project Collaboration Tools: Secure workflows for global service delivery

All third-party providers meet strict data protection, encryption, and compliance standards.

6. International Data Transfers

As a global digital services and IT support provider, Jaytech may transfer data across regions:

  • EU to US: Protected using Standard Contractual Clauses (SCCs)
  • International Transfers: Secured with encryption and GDPR-approved safeguards

We maintain transparency in all cross-border data processing activities.

7. Data Security Measures

We implement advanced security practices aligned with GDPR Article 32:

  • Technical Safeguards:
    Encryption, secure servers, firewall protection, and performance monitoring
  • Organizational Measures:
    Role-based access control, staff training, and internal compliance audits
  • Operational Security:
    Continuous monitoring, vulnerability assessments, and secure data storage

8. Data Breach Notification

In the event of a data breach, we follow a strict response protocol:

  • Immediate detection and containment
  • Risk assessment and impact evaluation
  • Notification to relevant authorities within 72 hours
  • Direct communication to affected users when necessary

9. Data Protection Impact Assessments (DPIAs)

We conduct DPIAs for high-risk processing activities, including:

  • AI-driven automation and customer profiling
  • Large-scale data processing for marketing campaigns
  • Advanced analytics and behavioral tracking systems

10. Accountability & Governance

Jaytech maintains full accountability through:

  • Regular updates to data processing records
  • Continuous compliance monitoring
  • Ongoing staff training in data protection and cybersecurity
  • Periodic audits to ensure GDPR adherence

11. Contact & Complaints

GDPR Queries:
📧 gdpr@jaytech.live
📞 +1 (463) 256-3979