European compliance

GDPR
Compliance

Xpeditis is committed to complying with the General Data Protection Regulation (GDPR) and guaranteeing your rights regarding personal data protection.

GDPR compliant
DPO appointed

Your GDPR rights

GDPR grants you enhanced rights over your personal data

Right of access

Obtain a copy of all personal data we hold about you.

Right to rectification

Have your personal data corrected if it is inaccurate or incomplete.

Right to erasure

Request the deletion of your personal data ("right to be forgotten").

Right to portability

Receive your data in a structured, machine-readable format.

To exercise your rights, log into your account or contact our DPO.

Our data protection principles

Fundamental principles that guide our data processing

Data minimisation

We only collect data strictly necessary for our services.

Retention limitation

Your data is retained only for the time needed.

Integrity & confidentiality

Your data is protected against any unauthorised access.

Transparency

We clearly inform you about the use of your data.

Protection measures

Technical and organisational measures to ensure the security of your data

Technical measures

  • Data encryption at rest and in transit
  • Multi-factor authentication
  • Data access logging
  • Regular encrypted backups
  • Pseudonymisation of sensitive data

Organisational measures

  • Designated Data Protection Officer (DPO)
  • Regular staff training
  • Documented security policies
  • Incident management process
  • Regular compliance audits

Processing register

In accordance with Article 30 of the GDPR, we maintain a register of personal data processing activities. This register documents:

  • The purposes of each processing
  • The categories of data processed
  • The recipients of the data
  • The retention periods
  • The security measures applied

Contact our DPO

Our Data Protection Officer is available for any questions related to the processing of your personal data or the exercise of your rights.