Back to Meshed
Privacy PolicyCCPA Rights
EU Flag

GDPR Rights & Compliance

General Data Protection Regulation (EU) 2016/679 - Your rights and our commitments

Last updated: December 20, 2024

Your GDPR Rights at a Glance

Right to Access

See what personal data we hold about you

Data Portability

Download your data in a machine-readable format

Right to Erasure

Request deletion of your personal data

Restrict Processing

Limit how we process your data

Object to Processing

Opt out of certain data processing activities

Lodge a Complaint

Contact your Data Protection Authority

Exercise Your Rights

Download My Data (Data Export)Request Account Deletion
Manage Privacy SettingsContact Data Protection Officer

About GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It applies to all organizations that process personal data of individuals in the European Union, regardless of where the organization is located.

As a user of Meshed, if you are in the EU, UK, or other regions with equivalent data protection laws, you have specific rights regarding your personal data. This page explains those rights and how to exercise them.

Your Rights Under GDPR

1. Right to be Informed (Transparency)

You have the right to clear, transparent information about how we collect and use your personal data. This information is provided in our Privacy Policy and this GDPR page.

How we fulfill this: Our Privacy Policy details what data we collect, why we collect it, how we use it, and who we share it with.

2. Right of Access

You have the right to access your personal data and supplementary information. This allows you to be aware of and verify the lawfulness of processing.

What you can access:

  • • All personal data we hold about you
  • • The purposes of processing
  • • Categories of data and recipients
  • • Retention periods
  • • Sources of the data
Access My Data

3. Right to Rectification

You have the right to have inaccurate personal data corrected or completed if it's incomplete.

How to correct your data: You can update most of your information directly in your account settings. For other corrections, contact our support team.

4. Right to Erasure ("Right to be Forgotten")

You have the right to have your personal data erased in certain circumstances, such as when the data is no longer necessary for the original purpose.

When erasure applies:

  • • Data no longer necessary for original purpose
  • • You withdraw consent (where consent was the legal basis)
  • • Data has been unlawfully processed
  • • Erasure required for legal compliance
  • • You object and there are no overriding legitimate grounds
Request Data Erasure

5. Right to Restrict Processing

You have the right to restrict the processing of your personal data in certain circumstances, rather than requesting erasure.

When you can restrict processing:

  • • You contest the accuracy of the data
  • • Processing is unlawful but you don't want erasure
  • • We no longer need the data but you need it for legal claims
  • • You've objected to processing pending verification

6. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.

Data portability includes:

  • • Profile information and settings
  • • Posts, comments, and content you've created
  • • Social connections and relationships
  • • Activity history and preferences
  • • Data provided with consent or for contract performance
Download Portable Data

7. Right to Object

You have the right to object to processing of your personal data in certain circumstances, particularly for direct marketing.

You can object to:

  • • Direct marketing (absolute right)
  • • Processing for legitimate interests
  • • Processing for scientific/historical research
  • • Processing for statistical purposes

8. Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or significantly affects you.

Our commitment: We do not make automated decisions that have legal or similarly significant effects without human involvement.

Legal Basis for Processing

Under GDPR, we must have a legal basis for processing your personal data. Our legal bases include:

Our Legal Bases

Contract Performance

Processing necessary to provide our services (e.g., account management, content delivery)

Legitimate Interest

Processing for service improvement, security, fraud prevention (balanced against your interests)

Consent

Optional features like marketing communications, certain analytics (you can withdraw consent anytime)

Legal Obligation

Compliance with laws, regulations, and legal requests

Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee our GDPR compliance and serve as your point of contact for data protection matters.

Contact Our DPO:

Email: dpo@meshed.social

Subject Line: GDPR Rights Request

Response Time: Within 72 hours for acknowledgment, 30 days for full response

International Data Transfers

When we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
  • Standard Contractual Clauses (SCCs): EU-approved contracts with data processors
  • Binding Corporate Rules: Internal rules for multinational companies
  • Certification Schemes: Privacy certifications and codes of conduct

Data Breach Notification

In the event of a personal data breach that is likely to result in high risk to your rights and freedoms, we will notify you without undue delay (within 72 hours when feasible).

Breach notification will include:

  • • Nature of the breach and data involved
  • • Likely consequences of the breach
  • • Measures taken to address the breach
  • • Recommended actions for affected individuals

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we've violated GDPR. You can contact:

  • Your local Data Protection Authority in the EU member state where you reside
  • The authority where the alleged infringement occurred
  • The authority where we have our main establishment (if different)

EU Data Protection Authorities:

Find your local authority at:European Data Protection Board

Exercising Your Rights

To exercise any of your GDPR rights, you can:

Self-Service Options

  • • Account settings for profile updates
  • • Privacy settings for data control
  • • Data export tool for portability
  • • Account deletion for erasure

Contact Methods

  • • Email: dpo@meshed.social
  • • Contact form with GDPR category
  • • In-app support chat
  • • Written letter to our address

Response Times

We are committed to responding to your rights requests promptly:

  • Acknowledgment: Within 72 hours
  • Full Response: Within 30 days (may extend to 60 days for complex requests)
  • Data Access: Within 30 days
  • Data Erasure: Without undue delay, typically within 30 days
  • Data Portability: Within 30 days

Need Help with Your GDPR Rights?

Our Data Protection Officer and support team are here to help you understand and exercise your rights under GDPR.

Contact DPOPrivacy PolicyPrivacy Settings