GDPR Compliance
Your data rights under EU regulation
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that gives individuals in the EU and EEA control over their personal data. At Curesh, we're fully committed to GDPR compliance, ensuring your privacy and data protection are at the forefront of our operations. We believe in transparency and empowering you with control over your information.
Your Data Rights
Right to Access
Request a copy of all personal data we hold about you.
Article 15
Right to Rectification
Correct any inaccurate personal data.
Article 16
Right to Erasure
Request deletion of your personal data.
Article 17 • "Right to be forgotten"
Right to Portability
Export your data in machine-readable format.
Article 20
Right to Object
Object to certain types of data processing.
Article 21
Right to Restrict
Limit how we process your data.
Article 18
How to Exercise Your Rights
To exercise any of your data rights, please contact our Privacy Team at privacy@curesh.com
We aim to respond to all legitimate requests within 30 days of receipt. Please note that we may need to verify your identity before fulfilling your request to ensure the security of your personal data. This is a standard measure to protect your privacy.
Email: privacy@curesh.com
Response Time: Within 30 days
Data We Collect
| Data Type | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Account Info (Name, Email) | Service delivery, Communication | Contract | Account lifetime |
| GPS Data (Location) | Fleet tracking, Service optimization | Contract, Legitimate Interest | 7 years |
| Temperature Data | Compliance with regulations, Product performance | Legal obligation | 7 years |
| Support Logs (Chat/Email) | Customer support, Service improvement | Legitimate Interest | 3 years |
Data Processing Agreement
For business customers processing personal data on behalf of Curesh, a Data Processing Agreement (DPA) is required. This agreement outlines our mutual obligations regarding data protection.
International Data Transfers
Curesh primarily stores and processes personal data within the EU. In cases where data may be transferred outside the European Economic Area (EEA), additional safeguards are in place.
We utilize Standard Contractual Clauses (SCCs) approved by the European Commission to govern such transfers, ensuring your data maintains the same level of protection as within the EU. For a full list of our sub-processors and their locations, please refer to our Sub-processors List. Sub-processors List.
Contact Our Data Protection Officer
Our Data Protection Officer (DPO) is responsible for overseeing questions in relation to GDPR compliance. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details below.
Email:
dpo@curesh.comName/Title:
Curesh Data Protection Officer
Supervisory Authority:
Data State Inspectorate of Latvia