Last revised: January 2026

General Data Protection Regulation (GDPR) Compliance Policy

At FactR Limited (“FactR”, “we”, “us”, “our”), we are committed to protecting personal data in accordance with the General Data Protection Regulation (“GDPR”) and ensuring the rights of individuals in the European Economic Area (“EEA”) and other applicable regions.

By using FactR Limited’s website or SaaS product(s), you agree to the practices outlined in this policy.

1. Scope

This policy applies to processing of Personal Information, as defined in our Privacy Policy, of individuals in the EEA, UK, and other regions where GDPR protections apply.

2. Lawful Basis for Processing

FactR processes Personal Information only when there is a lawful basis, including:

  • Performance of a contract

  • Legitimate business interests

  • Compliance with legal obligations

  • Consent where required by law

The lawful basis is clearly identified at the time of collection.

3. Data Subject Rights

EEA residents have the following rights under GDPR, subject to conditions:

  • Access your Personal Information

  • Rectify inaccurate or incomplete data

  • Request deletion of your Personal Information

  • Restrict or object to processing

  • Data portability

  • Withdraw consent where processing is based on consent

Details are described in our Privacy Policy and Delete My Data pages.

4. Exercising Your Rights

To exercise rights:

We may verify your identity before fulfilling requests.

5. Data Transfers Outside the EEA

Personal Information may be transferred to Canada or other jurisdictions. FactR ensures appropriate safeguards, including contractual protections and recognized legal mechanisms.

6. Data Retention

We retain Personal Information only as long as necessary to provide services, meet legal obligations, resolve disputes, and enforce agreements. Retention is consistent with our Privacy Policy.

7. Security Measures

FactR implements technical and organizational safeguards to protect Personal Information from unauthorized access, loss, misuse, or disclosure. Access is limited to employees with legitimate business need.

8. Policy Updates

This GDPR Policy may be updated. Changes are reflected in the “Last Revised” date.

9. Related Policies and Contact

Questions about GDPR compliance or your rights: info@factr.me

Official guidance: GDPR Compliance Guidelines

You may also view FactR Limited’s Privacy Policy and Terms & Conditions