GDPR Compliance
Last Updated: 7/8/2026
Aczen is committed to protecting the personal data of individuals in line with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. This statement summarises how we handle personal data and the rights available to data subjects.
Lawful bases for processing
We process personal data only where we have a lawful basis, including:
- Performance of a contract with you
- Compliance with a legal or regulatory obligation
- Your consent, which you may withdraw at any time
- Our legitimate interests, balanced against your rights
Your rights
If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:
- Right to be informed about how your data is used
- Right of access to the personal data we hold about you
- Right to rectification of inaccurate or incomplete data
- Right to erasure ("right to be forgotten"), where applicable
- Right to restrict processing under certain conditions
- Right to data portability in a structured, machine-readable format
- Right to object to processing based on legitimate interests
- Rights related to automated decision-making and profiling
International data transfers
Where personal data is transferred outside the EEA, we put in place appropriate safeguards — such as Standard Contractual Clauses — to ensure your data continues to be protected.
Data retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting or regulatory requirements.
Exercising your rights
To exercise any of these rights, or to raise a concern about how we handle your data, please contact our Data Protection team at privacy@aczen.org. We will respond within the timeframes required by law. You also have the right to lodge a complaint with your local supervisory authority.
Related policies
For more detail, see our Privacy Policy and Cookie Policy.