GDPR Compliance

Your Data Protection Rights

We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR).

Effective from: May 25, 2018 | Last updated: 12 August 2025

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and addresses the export of personal data outside the EU.

As a Mauritius-based company serving clients globally, including those in the EU, we are committed to GDPR compliance and ensuring your personal data is processed lawfully, fairly, and transparently.

Our Commitment

We implement appropriate technical and organizational measures to ensure and demonstrate that data processing is performed in accordance with GDPR requirements.

Your Data Protection Rights

Right to Access
Request access to your personal data
  • Confirmation that we process your data
  • Copy of your personal data
  • Information about how we use your data
  • Details about data sharing
Right to Rectification
Correct inaccurate or incomplete data
  • Update incorrect personal information
  • Complete incomplete data
  • Ensure data accuracy
  • Request verification of corrections
Right to Erasure
Request deletion of your personal data
  • Delete data when no longer necessary
  • Remove data processed unlawfully
  • Withdraw consent for processing
  • Object to direct marketing
Right to Restrict Processing
Limit how we process your data
  • Suspend processing during disputes
  • Limit processing to storage only
  • Restrict use for specific purposes
  • Maintain data but limit access
Right to Data Portability
Receive your data in a portable format
  • Machine-readable format
  • Transfer data to another service
  • Structured data export
  • Common file formats (JSON, CSV)
Right to Object
Object to certain data processing
  • Direct marketing communications
  • Profiling for marketing purposes
  • Processing for legitimate interests
  • Automated decision-making
How to Exercise Your Rights

To exercise any of your data protection rights, please contact us using the information below. We will respond to your request within one month, and there is no charge for most requests.

Email Request

Send your request to our Data Protection Officer

privacy@techtropic.io
Written Request

Techtropic Solutions Ltd.
Grand Baie, Mauritius

Include your full name and specify which right you wish to exercise

Identity Verification

To protect your privacy, we may need to verify your identity before processing your request. This helps ensure that personal data is not disclosed to unauthorized persons.

Lawful Basis for Processing

Under GDPR, we must have a lawful basis for processing your personal data. We rely on the following lawful bases:

Consent

You have given clear consent for us to process your personal data for specific purposes.

Examples:

Newsletter subscriptionsMarketing communicationsCookie preferences

Contract

Processing is necessary for a contract we have with you, or to take steps before entering into a contract.

Examples:

Service deliveryAccount managementPayment processing

Legal Obligation

Processing is necessary for us to comply with the law.

Examples:

Tax recordsFinancial reportingLegal compliance

Legitimate Interests

Processing is necessary for our legitimate interests or those of a third party, unless your rights override these interests.

Examples:

Website securityFraud preventionBusiness analytics
International Data Transfers

As a global company, we may transfer your personal data outside the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place:

Adequacy Decisions

Transfers to countries with adequate protection levels

Standard Contractual Clauses

EU-approved contract terms for data protection

Binding Corporate Rules

Internal policies for multinational data transfers

Data Breach Procedures

In the unlikely event of a data breach that poses a high risk to your rights and freedoms, we will:

Our Response (within 72 hours)

  • Notify relevant supervisory authorities
  • Assess the scope and impact
  • Contain the breach immediately

Individual Notification

  • Notify affected individuals directly
  • Explain the nature of the breach
  • Provide protective measures
Questions or Complaints

If you have questions about this GDPR compliance information or wish to make a complaint, you can contact us directly or reach out to the relevant supervisory authority.

Contact Our DPO

Email: privacy@techtropic.io

Response time: Within 30 days

Supervisory Authority

Data Protection Commission of Mauritius

You have the right to lodge a complaint