DraftEmail

AI Email Assistant

GDPR Compliance

Your rights under the General Data Protection Regulation

Your Data Rights

DraftEmail is committed to protecting your privacy and ensuring compliance with the European Union's General Data Protection Regulation (GDPR). This page explains your rights and how we protect your data.

Your GDPR Rights

Right to Access

You have the right to request access to your personal data and understand how we process it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Data Portability

You can request to receive your data in a structured, machine-readable format.

Right to Restrict Processing

You can request limitation of processing your personal data in specific situations.

Right to Object

You can object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent

You can withdraw consent for processing at any time where consent is the legal basis.

Right to Complain

You can lodge a complaint with your local data protection authority.

How to Exercise Your Rights

Through Your Account

Many of your rights can be exercised directly through your DraftEmail account:

  • • Access and update your profile information
  • • Download your data and email templates
  • • Delete your account and all associated data
  • • Manage email preferences and consent settings

Contact Our Data Protection Team

For requests that cannot be handled through your account, contact us:

Email:privacy@draftemail.com
Subject:GDPR Data Request

Response Time

We will respond to your request within 30 days as required by GDPR. In complex cases, we may extend this period by an additional 60 days and will inform you of any delay.

Legal Basis for Processing

Account Management
User registration, authentication, billing
Contract Performance
Email Generation
AI-powered email writing and templates
Contract Performance
Analytics & Improvement
Usage analytics, feature optimization
Legitimate Interest
Marketing Communications
Newsletter, product updates
Consent
Legal Compliance
Tax records, fraud prevention
Legal Obligation

Our Data Protection Measures

Technical Safeguards

  • • End-to-end encryption of all data
  • • Regular security audits and penetration testing
  • • Multi-factor authentication for admin access
  • • Automated data backup and recovery systems
  • • SOC 2 compliance

Organizational Measures

  • • Regular privacy training for all staff
  • • Data Protection Impact Assessments (DPIAs)
  • • Strict access controls and monitoring
  • • Incident response and breach notification procedures
  • • Regular policy reviews and updates

Data Protection Officer

Our Data Protection Officer is available to help with any GDPR-related questions or concerns.

Contact DPO

Response within 72 hours for GDPR inquiries

Supervisory Authority

If you believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your local authority at:

European Data Protection Board - Member Authorities