Data Protection Impact Assessments

We do not require a formal Data Protection Impact Assessment (DPIA) for our operations, as our data processing activities primarily involve handling basic personal data (first name, email, etc.) that does not pose a high risk to the rights and freedoms of individuals. Our application utilizes secure Google Cloud Platform (GCP) services, including GCP SQL, which inherently provide robust security measures like data encryption at rest and in transit, automated backups, and secure access controls. These features help mitigate potential data protection risks.

Our platform’s design incorporates built-in security features from these GCP services, ensuring that data is handled securely and in compliance with best practices. We continuously monitor our data processing practices and the security measures provided by GCP. If changes in our processing activities ever increase the risk level, we will undertake a DPIA as required by data protection regulations like the GDPR, to ensure continued compliance and protection of personal data.