GDPR Compliance & Your Rights

Last updated: February 28, 2026

Introduction

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and extends to all companies that process personal data of EU residents.

Pocket Status is committed to protecting your privacy and ensuring compliance with GDPR requirements. This page explains your rights under GDPR and how we handle your personal data.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

1. Right to Information

You have the right to be informed about how your personal data is collected, used, and processed.

2. Right of Access

You can request access to your personal data and receive a copy of the data we process about you.

3. Right to Rectification

You can request correction of inaccurate or incomplete personal data.

4. Right to Erasure ('Right to be Forgotten')

You can request deletion of your personal data under certain circumstances. You can delete your account at any time from your dashboard.

5. Right to Restrict Processing

You can request limitation of processing of your personal data in specific situations.

6. Right to Data Portability

You can request your personal data in a structured, commonly used format and transmit it to another controller.

7. Right to Object

You can object to processing of your personal data for direct marketing or other legitimate interests.

How We Protect Your Data

We implement appropriate technical and organizational measures to ensure data protection:

  • Encryption of data in transit and at rest
  • Secure authentication via Google OAuth
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Incident response procedures

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you sign up and agree to our terms
  • Contract: When processing is necessary to provide the service
  • Legitimate Interest: To improve and secure our service

Data Retention

We retain your personal data only for as long as necessary:

  • Account Data: Retained while your account is active and deleted upon account deletion
  • Status History: Retained while your account is active
  • Usage Data: Anonymized analytics retained for service improvement

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay and within 72 hours of becoming aware of the breach. We will also notify the relevant supervisory authority as required by law.

How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

  • Delete your account through your dashboard settings
  • Export your data through your account settings
  • Contact us for any other requests

We will respond to your request within one month (extendable to three months for complex requests).

Complaints

If you believe we have not complied with GDPR requirements, you have the right to:

  • Lodge a complaint with us directly
  • File a complaint with your local Data Protection Authority
  • Seek judicial remedy through the courts

Updates to This Policy

We may update this GDPR policy from time to time to reflect changes in our practices, legal requirements, or regulatory guidance. We will notify you of any material changes and obtain your consent where required by law.

Privacy PolicyTerms of Service