×

GDPR Compliance

  • Home
  • GDPR Compliance

GDPR Compliance
1. Data Controller & Processing
ERPXIFY (“we,” “us,” or “our”) is the data controller for all personal data collected through our services. We process your personal and business data in accordance with the EU General Data Protection Regulation (GDPR) and applicable local laws.

2. Lawful Bases for Processing

  • Performance of a Contract: Processing necessary to provide you with POS, inventory, or invoicing services.

  • Legal Obligation: Compliance with accounting, tax, or regulatory requirements.

  • Legitimate Interests: Improving our platform, securing our systems, and protecting against fraud.

  • Consent (where required): For optional marketing communications—withdrawable at any time.

3. Your Rights Under GDPR
You have the right to:

  • Access: Request a copy of your personal data.

  • Rectification: Correct or update inaccurate or incomplete data.

  • Erasure (“Right to be Forgotten”): Delete personal data when there is no valid reason to retain it.

  • Restriction of Processing: Temporarily block processing in certain circumstances.

  • Data Portability: Receive your data in a structured, commonly used format.

  • Objection: Object to processing based on legitimate interests or direct marketing.

  • Withdraw Consent: Revoke any consent you have given without affecting prior processing.

4. Data Retention
We retain your personal and business data only as long as necessary to fulfill the purposes described (e.g., providing services, compliance with legal obligations, dispute resolution). Backup and archive copies may remain for limited periods to comply with regulatory requirements.

5. International Data Transfers
Your data may be stored and processed in data centers located outside the European Economic Area (EEA). We ensure adequate safeguards—such as Standard Contractual Clauses or Binding Corporate Rules—are in place to protect your rights when data is transferred internationally.

6. Security Measures
We employ industry-standard technical and organizational measures (encryption, access controls, network security, regular audits) to protect your personal data against unauthorized access, disclosure, alteration, or destruction.

7. Data Protection Officer (DPO)
If you have questions about our GDPR compliance or wish to exercise your rights, please contact our DPO at:
dpo@erpxify.com

8. Supervisory Authority & Complaints
You have the right to lodge a complaint with your local supervisory authority if you believe our processing of your data infringes GDPR. For EU residents, find your authority at https://edpb.europa.eu/about-edpb/board/members_en.