Legal

GDPR Compliance

Last Updated: May 25, 2026

At Ghostal, we are committed to respecting your privacy rights, including those established under the General Data Protection Regulation (GDPR) for users residing in the European Economic Area (EEA).

1. Your Rights Under GDPR

As an EEA resident, you possess the following rights regarding the personal data we store:

  • Right of Access: You can request a full export of your personal information, media assets, and connected channel tokens.
  • Right of Rectification: You can request correction of inaccurate profile data or billing details.
  • Right of Erasure (“Right to be Forgotten”): You can request that we permanently delete your account, connected tokens, and Content Vault history.
  • Right to Restrict Processing: You can request that we temporarily disable automation queues without fully deleting your account.
  • Right to Data Portability: You can request your data in a machine-readable format (JSON) for easy migration to other platforms.

2. Data Subject Access Requests (DSAR)

To request a data export, modify permissions, or delete your entire record, please email us. We process all valid DSARs within 30 days of receiving the request and verifying your identity.

support@ghostal.xyz

3. Data Security and International Transfers

Since Ghostal operates cloud infrastructure worldwide, your data may be transferred to and stored in countries outside the EEA. We enforce Standard Contractual Clauses (SCCs) to ensure equivalent data protection levels are maintained globally.