Privacy Policy

1. Introduction

Greenland Assurance ("we", "our", "us") is committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller: Greenland Assurance
Contact: privacy@greenlandassurance.com
Data Protection Officer: dpo@greenlandassurance.com

2. What Personal Data We Collect

We may collect the following types of personal data:

• Identity Data: First name, last name, job title
• Contact Data: Email address, phone number, company name
• Technical Data: IP address, browser type, device information, operating system
• Usage Data: Information about how you use our platform and services
• Marketing Data: Your preferences for receiving marketing communications

3. How We Use Your Data

We use your personal data for the following purposes:

• To provide and maintain our services
• To respond to your inquiries and provide customer support
• To send you updates, newsletters, and marketing communications (with your consent)
• To improve our platform and develop new features
• To comply with legal obligations
• To protect our rights and prevent fraud

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: Where you have given explicit consent for processing
• Contract: Where processing is necessary to fulfill a contract with you
• Legitimate Interest: Where processing is necessary for our legitimate business interests
• Legal Obligation: Where processing is required by law

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Account data: For the duration of your account plus 2 years
• Newsletter subscriptions: Until you unsubscribe plus 30 days
• Contact form submissions: 3 years from submission
• Transaction records: 7 years (legal requirement)

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please visit our Data Request Portal or contact us at privacy@greenlandassurance.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption at rest and in transit, access controls, regular security assessments, and data processing agreements with our service providers. Our data centers are located in Ireland and Frankfurt (EU).

8. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

9. Third-Party Services

We may share your data with the following categories of third parties:

• Cloud hosting providers (Vercel, Supabase)
• Email service providers (Resend)
• Payment processors (Stripe)
• Analytics providers (where consent is given)

All third-party processors are bound by data processing agreements and are GDPR-compliant.

10. Cookies

We use cookies and similar technologies to enhance your experience. For detailed information about our use of cookies, please see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.