Legal

GDPR Compliance

Last updated: December 18, 2025

1. Introduction

PricingMonitor is committed to compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This page explains how we comply with GDPR requirements and outlines your rights as a data subject.

2. Data Controller Information

The data controller responsible for your personal data is:

PricingMonitor
Nice, France
Email: [email protected]

For any GDPR-related inquiries, please contact us at the email address above.

3. Personal Data We Process

We process the following categories of personal data:

  • Identity Data: Name
  • Contact Data: Email address
  • Usage Data: Information about how you use our Service (collected via Google Analytics)
  • Technical Data: IP address, browser type, device information

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide our Service and fulfill our contractual obligations to you
  • Legitimate Interest: To improve our Service, ensure security, and prevent fraud
  • Consent: For analytics and marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws and regulations

5. Purpose of Processing

We process your personal data for the following purposes:

  • To provide and maintain our monitoring service
  • To process payments and manage subscriptions
  • To send service notifications and alerts
  • To analyze usage patterns and improve our Service
  • To provide customer support
  • To comply with legal obligations

6. Data Storage and Location

Your personal data is stored on servers located within the European Union (EU). We ensure that all data processing activities comply with GDPR requirements and that appropriate technical and organizational measures are in place to protect your data.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this notice, unless a longer retention period is required by law. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are legally required to retain it.

8. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

8.1 Right of Access (Article 15)

You have the right to obtain confirmation as to whether we process your personal data and to access that data, including copies of your personal data.

8.2 Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed.

8.3 Right to Erasure ("Right to be Forgotten") (Article 17)

You have the right to request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the original purpose or when you withdraw consent.

8.4 Right to Restrict Processing (Article 18)

You have the right to restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

8.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

8.6 Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

8.7 Right to Withdraw Consent (Article 7)

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

8.8 Right to Lodge a Complaint (Article 77)

You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates GDPR. In France, the supervisory authority is the Commission Nationale de l'Informatique et des Libertés (CNIL).

9. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by up to two additional months, and we will inform you of any such extension.

We may request proof of identity before processing your request to ensure the security of your personal data.

10. Data Transfers

Your personal data is primarily stored on EU servers. However, some third-party services we use may process data outside the EU:

  • Stripe: Payment processing (may involve transfers to the US, protected by Standard Contractual Clauses)
  • Google Analytics: Analytics services (may involve transfers to the US, protected by appropriate safeguards)
  • MailGun: Email delivery (may involve transfers to the US, protected by appropriate safeguards)

We ensure that all international data transfers comply with GDPR requirements and that appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

11. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, and in any event within 72 hours of becoming aware of the breach, where feasible.

12. Automated Decision-Making

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

13. Supervisory Authority

If you wish to lodge a complaint about our processing of your personal data, you can contact the French supervisory authority:

Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy - TSA 80715
75334 Paris Cedex 07
France
Website: https://www.cnil.fr

14. Contact Us

For any questions about our GDPR compliance or to exercise your rights, please contact us at:

PricingMonitor
Nice, France
Email: [email protected]