GDPR Statement

Last updated: May 29, 2026

This GDPR statement supplements our Privacy Policy for users in the EU, UK and EEA. It explains the legal bases we rely on, your rights and how to exercise them.

Data controller

Salesio acts as the data controller for personal data you provide directly. For content you publish on your Salesio-built site, Salesio is the data processor and you remain the controller of your own customers' data.

Legal bases for processing

• Contract. To provide the Service you've subscribed to.
• Legitimate interests. To prevent fraud, improve the product, send transactional emails.
• Consent. For analytics, marketing emails and optional cookies. Withdrawable at any time.
• Legal obligation. To comply with tax, accounting and law-enforcement requests.

Your rights

• Access the personal data we hold about you.
• Have inaccurate data corrected.
• Have your data deleted ("right to erasure"), subject to legal retention.
• Receive a portable copy of your data.
• Object to or restrict certain processing.
• Withdraw consent.
• Lodge a complaint with your local data protection authority.

How to exercise your rights

Email privacy@salesio.app from the address on your Salesio account. We respond within 30 days.

International transfers

Personal data is processed in the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for these transfers.

Data Protection Officer

Salesio doesn't have a formal DPO (we're below the GDPR Article 37 threshold). Privacy matters go to privacy@salesio.app.

Complaints

If you believe we've not handled your data correctly, you can complain to your local DPA.