GDPR

At BaxAnalytics, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This document outlines our approach to data processing, your rights as a user, and our responsibilities as a data processor.

Who We Are

BaxAnalytics provides a comprehensive platform for businesses to monitor, understand, and improve user behavior on their websites. We prioritize transparency, privacy, and user data security.

Our Role Under GDPR

Under the GDPR, BaxAnalytics may act as a Data Processor or a Data Controller depending on the scenario:

• Data Processor: When our clients (Data Controllers) use our platform to analyze their website visitors’ behavior, we process data on their behalf.
• Data Controller: When processing our clients’ data for onboarding, billing, or support purposes, we determine the purposes and means of processing.

What Data We Process

We collect and process two categories of data:

1. End-User Data (Visitors to Our Clients’ Websites):
   • Examples: Clicks, scrolls, session durations, and navigation patterns.
   • Purpose: To provide analytics and insights that help our clients improve their websites.
   • Minimization: No personally identifiable information (PII) such as names, emails, or phone numbers is captured unless explicitly authorized.
2. Client Data (Our Users):
   • Examples: Contact details, billing information, and account settings.
   • Purpose: For client communication, platform access, and billing.

How We Ensure GDPR Compliance

1. Data Minimization:
   We only collect data essential for our services and use anonymization and pseudonymization techniques wherever possible.
2. Legal Basis for Processing:
   • Consent: For collecting and processing End-User Data via client websites.
   • Contractual Obligation: For processing Client Data needed to deliver our services.
3. Data Retention:
   • End-User Data: Retained as defined by our clients, typically not exceeding 12 months.
   • Client Data: Retained as long as the account is active or for a reasonable time thereafter to comply with legal obligations.
4. Data Security:
   We use industry-standard encryption (e.g., HTTPS, AES-256) to protect data in transit and at rest. Regular security audits and employee training ensure data is safeguarded.
5. Processor Agreements:
   All sub-processors (hosting providers, payment processors) are vetted for GDPR compliance and bound by Data Processing Agreements (DPAs).

Your Rights Under GDPR

As an individual interacting with BaxAnalytics or its clients, you have the following rights:

1. Right to Access:
   Request a copy of personal data we process about you.
2. Right to Rectification:
   Correct inaccuracies in your data.
3. Right to Erasure (Right to Be Forgotten):
   Request deletion of your data, subject to legal or contractual limitations.
4. Right to Data Portability:
   Receive your data in a machine-readable format or transfer it to another service.
5. Right to Restrict Processing:
   Limit how we process your data under certain conditions.
6. Right to Object:
   Opt out of specific data processing activities, such as direct marketing or profiling.

To exercise any of these rights, email us at [email protected].

Cookies and Tracking

BaxAnalytics uses cookies to improve user experience and deliver our services.

• Types of Cookies: Session cookies, analytics cookies, and preference cookies.
• User Consent: Our cookie banner ensures users can manage preferences in compliance with GDPR.

For detailed information, view our Cookie Policy.

Data Transfers

Data processed by BaxAnalytics may be stored or transferred to countries outside the European Economic Area (EEA). All transfers are governed by Standard Contractual Clauses (SCCs) or similar safeguards approved by the European Commission.

Data Breach Notification

In the event of a data breach that affects personal data, we will notify the relevant supervisory authority and affected individuals within 72 hours as required by GDPR.

Contact Us

If you have questions about our GDPR policy or how we handle your data, contact: [email protected]

This policy provides transparency, aligns with GDPR, and ensures user trust. You can customize it further with specific BaxAnalytics branding and details!