{"id":128,"date":"2025-12-04T17:24:38","date_gmt":"2025-12-04T17:24:38","guid":{"rendered":"https:\/\/phantombuster.com\/legal\/?page_id=128"},"modified":"2025-12-05T14:04:49","modified_gmt":"2025-12-05T14:04:49","slug":"gdpr","status":"publish","type":"page","link":"https:\/\/phantombuster.com\/legal\/gdpr\/","title":{"rendered":"General Compliance &#8211; Let&#8217;s Talk About GDPR"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The <\/span><a href=\"https:\/\/commission.europa.eu\/law\/law-topic\/data-protection_en\"><span style=\"font-weight: 400;\">General Data Protection Regulation (GDPR)<\/span><\/a><span style=\"font-weight: 400;\"> establishes rules concerning the protection of individuals with regard to their personal data. It aims to protect the fundamental rights of European residents by allowing them to retain control over their personal data. This common European framework establishes principles for achieving this objective, such as transparency, data security and purpose limitation. Applying these rules can enable you to gain and retain the trust of your prospects and customers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Contrary to what one might think, these regulations do not only apply to European operators. In fact, any organization that processes the personal data of individuals located in the European Union might be subject to the GDPR. Therefore, when you carry out a personal data processing operation concerning individuals located in this territory, the obligations of the GDPR may apply to you.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So if you want to use our services to process the personal data of individuals located in the European Union, we recommend that you be attentive about the obligations that might arise from this.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">The key words of the GDPR<\/span><\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Data Subject: <\/b><span style=\"font-weight: 400;\">The natural person, the individual whose personal data is being processed. <\/span><\/li>\n<\/ul>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Data Controller: <\/b><span style=\"font-weight: 400;\">The operator who determines the purposes and means of processing personal data.<\/span><\/li>\n<\/ul>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Data Processor: <\/b><span style=\"font-weight: 400;\">The operator who processes personal data on behalf of the data controller.<\/span><\/li>\n<\/ul>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Legal Basis: <\/b><span style=\"font-weight: 400;\">Any data controller must be able to demonstrate a legal basis for processing personal data. Otherwise, the processing is unlawful. The possible legal bases are listed exhaustively in Article 6 of the GDPR.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Personal Data: <\/b><span style=\"font-weight: 400;\">Any information (whether public or not) relating to an identified or identifiable natural person. <\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">You and PhantomBuster with regard to the GDPR<\/span><\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">When we process the personal data of our users<\/span><span style=\"font-weight: 400;\">,<\/span><span style=\"font-weight: 400;\"> we are the data controller because we determine the purposes (e.g. providing our services, improving our product) and means (determination of the data collected, subcontractors). More information in our <\/span><a href=\"https:\/\/phantombuster.com\/legal\/privacy-policy\/\"><b>Privacy Policy<\/b><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">When we process personal data relating to your leads, via our platform or our extension, we act as a data processor. Indeed, you determine your needs\/purposes, the data necessary to fulfill your purposes, and the legal basis on which you will rely. We process this data on your behalf, in accordance with your instructions when you set up your automations in your workspace. More information in our<\/span><a href=\"https:\/\/phantombuster.com\/legal\/data-protection-agreement\/\"><b> Data Processing Agreement<\/b><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">PhantomBuster assists you in your compliance<\/span><\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">You can easily export data relating to a data subject to respond to a right of access (Right of access).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">You can ensure the accuracy of the data by updating your leads&#8217; data proactively or at their request (Principle of accuracy, right of rectification).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">You can delete your leads from your workspace proactively or in response to a deletion request (Principle of minimization, right to erasure).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Our platform and web browser extension show the lead\u2019s indicative location &#8211; when available &#8211; so you can decide whether to keep or delete it. (Geographical scope of application of GDPR).\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">You have full control over who you share lead data with according to the rights to your workspace that you decide (Principle of security, integrity, confidentiality).<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Recommendations for your GDPR compliance when using our services<\/span><\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Comply with GDPR obligations towards your European leads<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If you are a business operator established in the European Union that processes personal data, you are subject to the GDPR. If you are not established in the European Union, we recommend being attentive to the location of your prospects. If they are located in European territory, you might be subject to the GDPR for the processing of their personal data.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Observe the prospecting rules that apply to you<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Depending on your situation, we advise you to pay attention to the rules relating to consent (opt-in \/ opt-out, depending on whether your activity is aimed at individuals or professionals).<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Invest in legal advice<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Don&#8217;t hesitate to call on legal advice to guide you in your compliance. The trust of your prospects and customers is worth it.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The General Data Protection Regulation (GDPR) establishes rules concerning the protection of individuals with regard to their personal data. It aims to protect the fundamental rights of European residents by allowing them to retain control over their personal data. This common European framework establishes principles for achieving this objective, such as transparency, data security and [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-128","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/pages\/128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/comments?post=128"}],"version-history":[{"count":17,"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/pages\/128\/revisions"}],"predecessor-version":[{"id":504,"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/pages\/128\/revisions\/504"}],"wp:attachment":[{"href":"https:\/\/phantombuster.com\/legal\/wp-json\/wp\/v2\/media?parent=128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}