GDPR Compliance
General Data Protection Regulation Information
Last updated: March 3, 2026
GDPR Compliance Statement
ScaleBIG is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page provides specific information about how we comply with GDPR requirements and your rights as a data subject.
The GDPR applies to the processing of personal data of individuals located in the European Union (EU) and European Economic Area (EEA). Even if you are not located in the EU/EEA, we extend many of these protections to all our users worldwide.
Important Note:
This page supplements our Privacy Policy and provides additional information specifically related to GDPR compliance. Please read both documents to understand your rights and our data practices fully.
Data Controller Information
Company Details
Name: ScaleBIG
Address: Switzerland
Email: info@scalebig.com
Phone: +1 877 799 2979
Data Protection Officer
Email: info@scalebig.com
Role: Data Protection Compliance
Available for GDPR-related inquiries and requests
Legal Basis for Processing Personal Data
Under GDPR, we must have a legal basis for processing your personal data. We rely on the following legal bases:
Contract Performance
Processing necessary to perform our services contract with you, including service delivery, billing, and customer support.
Legitimate Interest
Processing for our legitimate business interests, such as improving our services, marketing to existing customers, and fraud prevention.
Consent
Processing based on your explicit consent, such as marketing communications, cookies (where required), and optional data collection.
Legal Obligation
Processing required to comply with legal obligations, such as tax reporting, regulatory compliance, and law enforcement requests.
Your Rights Under GDPR
As a data subject under GDPR, you have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you and information about how we process it.
Right to Rectification
Request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data in certain circumstances (also known as "right to be forgotten").
Right to Restrict Processing
Request limitation of processing of your personal data in specific situations.
Right to Data Portability
Request transfer of your personal data to another service provider in a structured format.
Right to Object
Object to processing of your personal data for direct marketing or legitimate interests.
Right to Withdraw Consent
Withdraw your consent for processing where we rely on consent as the legal basis.
Right to Lodge a Complaint
File a complaint with your local data protection authority if you believe we've violated GDPR.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us using the following methods:
Contact Methods
Email: info@scalebig.com
Subject Line: "GDPR Request - [Type of Request]"
Response Time: Within 30 days
Phone: +1 877 799 2979
Mail: ScaleBIG, Switzerland
DPO Email: info@scalebig.com
Required Information
To process your request efficiently and verify your identity, please include:
- • Full name and email address associated with your account
- • Specific details about your request
- • Proof of identity (if required for verification)
- • Any relevant account or reference numbers
International Data Transfers
As we are based in the United States, your personal data may be transferred outside the EU/EEA. We ensure appropriate safeguards are in place for such transfers:
Adequacy Decisions
We transfer data to countries with adequacy decisions from the European Commission where possible.
Standard Contractual Clauses
We use Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers.
Additional Safeguards
We implement technical and organizational measures to ensure data protection equivalent to GDPR standards.
Data Breach Notification
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. Our breach response process includes:
Authority Notification
Notify relevant supervisory authorities within 72 hours of becoming aware of the breach.
Individual Notification
Notify affected individuals without undue delay if high risk to rights and freedoms.
Remedial Action
Take immediate steps to contain the breach and prevent further unauthorized access.
Data Protection Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) for processing activities that are likely to result in high risk to individuals' rights and freedoms. This includes:
- • Systematic monitoring of publicly accessible areas
- • Processing of special categories of personal data
- • Automated decision-making with legal or significant effects
- • Large-scale processing of personal data
- • New technologies or innovative processing methods
Supervisory Authority Contact
If you believe we have not adequately addressed your GDPR-related concerns, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your local authority at:
European Data Protection Board
Website: https://edpb.europa.eu
Find your local supervisory authority contact information
GDPR Contact Information
For any GDPR-related questions, requests, or concerns, please contact us:
General GDPR Inquiries
Email: info@scalebig.com
Phone: +1 877 799 2979
Response time: Within 30 days
Data Protection Officer
Email: info@scalebig.com
Role: GDPR Compliance
Available for complex GDPR matters