Legal

GDPR Compliance

This GDPR Compliance Notice applies to individuals located in the European Union and the European Economic Area. It supplements INVASSO LLC's Privacy Policy and outlines our data processing practices under the General Data Protection Regulation.

Last Updated: December 16, 2025

Lawful Bases for Processing Personal Data

Under GDPR, we process personal data only when we have a lawful basis. INVASSO may process personal data under one or more of the following bases:

  • Consent – when you voluntarily provide information or opt into communications.
  • Contractual necessity – to deliver software, services, or support you request.
  • Legitimate interests – such as improving website performance, securing platforms, or understanding service usage.
  • Legal obligations – when required by law, regulation, or compliance frameworks.
  • Vital interests – only in rare cases where processing is necessary to protect someone's safety.

Categories of Personal Data We Process

Depending on how you interact with INVASSO, we may process:

  • Identification details (name, email, phone)
  • Business information (company name, role, project details)
  • Technical data (IP address, device type, browser)
  • Usage data (pages viewed, actions taken within platforms)
  • Communication data (messages submitted through forms or support channels)

INVASSO does not intentionally collect sensitive data unless explicitly provided as part of a business engagement.

How We Use Personal Data

Common purposes for processing include:

  • Providing and managing our software and services
  • Responding to inquiries and support requests
  • Maintaining website performance and security
  • Improving features and user experience
  • Conducting business operations and analytics
  • Fulfilling legal or regulatory requirements

INVASSO does not sell personal data.

International Data Transfers

INVASSO is headquartered in the United States. If you are located in the EU/EEA, your personal data may be transferred to the U.S. for processing.

We use appropriate safeguards, which may include:

  • Standard Contractual Clauses (SCCs)
  • Contractual agreements with service providers
  • Technical controls such as encryption and access management

Transfers occur only when necessary to deliver our services or operate our business.

Data Retention

Personal data is retained only as long as necessary to:

  • Provide requested services
  • Meet contractual obligations
  • Comply with legal requirements
  • Maintain business records

Retention periods vary depending on the context.

Your Rights Under GDPR

EU/EEA residents have the following rights:

Right to Access

You may request a copy of the personal data we hold about you.

Right to Rectification

You may request corrections to inaccurate or incomplete data.

Right to Erasure ("Right to Be Forgotten")

You may request deletion of your personal data, subject to legal or operational limitations.

Right to Restrict Processing

You may ask us to limit how your data is used.

Right to Data Portability

You may request your data in a structured, machine-readable format.

Right to Object

You may object to processing conducted on legitimate interest grounds.

Right to Withdraw Consent

If processing is based on your consent, you may withdraw it at any time.

Right to Lodge a Complaint

You may file a complaint with your local data protection authority.

INVASSO will respond to all verified GDPR requests within applicable timeframes.

Automated Decision-Making & AI Systems

INVASSO uses automated systems and AI-assisted features in certain products. We do not use AI or automation for:

  • Solely automated decisions that produce legal or similarly significant effects
  • Profiling individuals for marketing without consent

Where AI is used, human oversight is maintained. You may request information about how automated processes operate within INVASSO platforms.

How to Submit GDPR Requests

To exercise your rights, contact us using any of the following:

Email: info@invasso.com

Phone: (844) 468-2776

Mail:
INVASSO LLC
181 New Road
Parsippany, NJ 07054

We may require identity verification before completing your request.

Data Protection Officer (DPO)

INVASSO does not currently meet the regulatory criteria requiring appointment of a Data Protection Officer.

However, privacy responsibilities are assigned internally and can be contacted via the details above.

Updates to This GDPR Notice

This Notice may be updated to reflect:

  • Changes in GDPR requirements
  • Adjustments in our data practices
  • Updates to services or integrations

The most current version will always be posted on our website.

Contact Information

For any GDPR questions, requests, or concerns:

INVASSO LLC

181 New Road
Parsippany, NJ 07054

Email: info@invasso.com

Phone: (844) 468-2776

Related Legal Documents:

Privacy PolicyTerms of ServiceCalifornia Privacy NoticeCookie Policy