GDPR Compliance

Last updated: 2026-04-16

Scriflow is committed to compliance with the General Data Protection Regulation (GDPR).

Legal Basis for Processing

We process personal data based on: contract performance (providing the service), legitimate interests (improving the service, security), consent (marketing emails), and legal obligations (tax, compliance).

Your Rights Under GDPR

You have the right to: access your personal data, rectify inaccurate data, erase your data ("right to be forgotten"), restrict processing, data portability, and object to processing. You can exercise these rights through your account settings or by contacting us.

Data Protection

For data protection inquiries, contact us at privacy@scriflow.com. We will respond to all requests within 30 days.

Technical Measures

We implement data protection by design and by default. All personal data is encrypted, access is role-based and audited, and we conduct regular security assessments.