Blogree Technologies is committed to compliance with the General Data Protection Regulation (GDPR) for users in the European Union and European Economic Area. This page explains how we handle personal data under GDPR and your rights as a data subject.
Data Controller
Blogree Technologies acts as the data controller for personal data collected directly from users (account registration, billing, usage data). For data processed on behalf of customers (content you publish through Blogree), you are the data controller and Blogree acts as a data processor.
Legal Basis for Processing
We process personal data under the following legal bases: (1) Contract Performance — to provide the Blogree service you signed up for; (2) Legitimate Interests — to improve our service, prevent fraud, and analyze usage patterns; (3) Consent — for marketing emails and non-essential cookies; (4) Legal Obligation — where required by applicable law.
Your Rights Under GDPR
As an EU/EEA resident, you have the following rights: • Right of Access — request a copy of your personal data • Right to Rectification — correct inaccurate personal data • Right to Erasure — request deletion of your personal data • Right to Restrict Processing — limit how we process your data • Right to Data Portability — receive your data in a machine-readable format • Right to Object — object to processing based on legitimate interests • Rights related to Automated Decision Making — request human review of automated decisions To exercise any of these rights, email gdpr@blogree.com. We respond within 30 days.
Data Processing Agreement (DPA)
If you are a business using Blogree to process personal data on behalf of your customers (for example, an agency with EU client sites), you may require a Data Processing Agreement. Email legal@blogree.com to request a DPA. We offer a standard DPA based on the EU Standard Contractual Clauses.
Data Transfers Outside the EU
Blogree's infrastructure is primarily hosted in the EU. Some service providers (such as Stripe for payments and Resend for email) may process data outside the EU. We ensure all such transfers are covered by appropriate safeguards including Standard Contractual Clauses or adequacy decisions.
Data Retention
We retain your account data for as long as your account is active or as needed to provide services. When you delete your account, we delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or financial record-keeping purposes (typically 7 years for billing records).
Data Breach Notification
In the event of a personal data breach that risks your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay as required by GDPR Article 33–34.
Supervisory Authority
If you are unsatisfied with our response to a GDPR request, you have the right to lodge a complaint with your local data protection supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.
GDPR requests and DPA inquiries: gdpr@blogree.com · Visit our Privacy Policy for the full data handling overview.