Treffa is committed to complying with the EU General Data Protection Regulation (GDPR). This page outlines our approach and your rights.
Data controller & processor
Depending on your use, Treffa may act as controller (e.g. for your account data) or processor (e.g. for client/guest data you manage via Treffa). We process personal data only on documented instructions and in line with GDPR.
Lawful basis
We process data where necessary for contract performance, consent, legitimate interests, or legal obligation. We do not use personal data for purposes incompatible with those for which it was collected.
Data subject rights
Data subjects have the right to access, rectification, erasure, restriction of processing, data portability, and to object. We support these rights and respond within the timeframes required by GDPR.
Sub-processors & transfers
We use sub-processors only where necessary. Data remains in the EU/EEA. We ensure appropriate safeguards for any permitted transfers.
DPA
We offer a Data Processing Agreement (DPA) for customers who need it. Contact legal@treffa.eu to request one.
Contact
GDPR-related queries: privacy@treffa.eu or legal@treffa.eu.