GDPR — Your Data Rights

DialAndCase operates from the European Union, and the General Data Protection Regulation (GDPR) applies to everything we do with your personal data. Our Privacy Policy explains what we collect; this page explains your rights and how to exercise them.

Your rights

• Access — ask for a copy of all personal data we hold about you.
• Rectification — most data (profile, watches, stories) you can edit yourself in the app; for anything else, ask us.
• Erasure ("right to be forgotten") — request full deletion of your account and all associated data: watches, photos, reminders, sessions. Deletion is permanent.
• Portability — request an export of your collection in a machine-readable format (CSV/JSON).
• Objection / restriction — object to any processing you believe is unjustified.

How to exercise them

Self-service, instantly: in Settings → Your data you can download everything we hold about you (one JSON file: profile, watches including private fields, photos, reminders, timeline) and permanently delete your account (type your handle to confirm; everything is erased, including uploaded photos).

For anything else — or if you prefer a human — send a request via the contact page from your account email. We respond within 30 days, usually much faster.

Lawful basis & retention

• We process your data to provide the service you signed up for (contract) and to keep the platform secure (legitimate interest — e.g. rate-limiting login attempts).
• Your data is kept while your account is active. After account deletion, backups expire within 14 days.
• We use no automated decision-making or profiling.

Complaints

If you believe we mishandled your data, you may lodge a complaint with your local supervisory authority (in Romania: ANSPDCP, dataprotection.ro) — but please talk to us first; we take this seriously.