How Abscode is built to comply with the EU General Data Protection Regulation (GDPR) — so you can serve customers and end users across the EU, EEA, UK, and the rest of the world on one platform.
The GDPR (Regulation (EU) 2016/679) governs the processing of personal data of individuals located in the EU and EEA, regardless of where the processing organisation is established. If your product reaches EU/EEA users, GDPR applies to you — and to the vendors you build on. Abscode Technologies LLP, established in India, is built to be GDPR-ready so you can adopt it without re-architecting for EU data protection.
Choose an EU processing region so EU/EEA personal data is stored and processed inside the EU. Combined with auto-purge, a signed DPA, and the EU Standard Contractual Clauses for any onward transfer, this gives EU and worldwide customers a single, compliant setup.
When you use Abscode to process personal data of EU/EEA individuals:
A GDPR-compliant Data Processing Agreement (DPA), incorporating the Article 28 processor terms, is available — request it from legal@abscode.com.
As Controller, you determine the lawful basis under Article 6 (and, where special-category data is involved, the Article 9 condition) for each processing activity. Abscode does not determine purposes or means: we act only on your documented instructions set out in the DPA, and we will inform you if an instruction appears to infringe the GDPR.
Abscode Technologies LLP is established in India — a country that does not currently have an EU adequacy decision. Even when you select the EU storage region, operating and supporting the service may involve access by our India-based team, and choosing a non-EU region stores data outside the EU/EEA. Every such transfer is a "restricted transfer" protected by appropriate safeguards under Chapter V GDPR:
GDPR grants data subjects the rights of access, rectification, erasure ("right to be forgotten"), restriction, data portability, objection, and rights relating to automated decision-making. As your Processor, Abscode helps you meet these requests by:
Because Abscode acts on your instructions, end users should address rights requests to you (the Controller); we will assist you in responding within the GDPR timelines.
We use a limited set of vetted sub-processors (cloud hosting, AI inference, and payments). Each is bound by data-protection terms no less protective than our DPA. We maintain a current sub-processor list and give 30 days' notice before adding or replacing one, during which you may object. Request the list from privacy@abscode.com.
Abscode Technologies LLP is established in India and has no office or establishment in the EU or EEA. Where Article 27 GDPR requires a non-EU organisation to designate a representative in the Union for a given processing activity, we will appoint one and publish its details here. In the meantime, EU/EEA data subjects and supervisory authorities can contact our Data Protection Officer at dpo@abscode.com, who will handle or route the enquiry.
GDPR queries, DPA and SCC requests, sub-processor lists, and breach reports: dpo@abscode.com. See also our Privacy Policy, Security overview, and India DPDP compliance.
Enterprise customers receive a pre-signed DPA with SCCs as part of contract negotiation. Standard self-serve customers can request our standard DPA from legal@abscode.com — usually executed within 5 business days.