← Back to ScanTheGap

Your GDPR Rights

Last Updated: April 10, 2026

Introduction

Under the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. This page explains these rights in plain language and how to exercise them.

Your Six Key Rights

1. Right of Access (Article 15)

What it means: You have the right to know what personal data we hold about you and how we use it.

What you can request:

Example: "I would like a copy of all my personal data you have stored."

2. Right to Rectification (Article 16)

What it means: You have the right to correct inaccurate or incomplete personal data.

What you can request:

Example: "My email address in your system is incorrect. Please update it to [new email]."

3. Right to Erasure / Right to be Forgotten (Article 17)

What it means: You have the right to request deletion of your personal data in certain circumstances.

When this applies:

Important limitations: We may not be able to delete data if we need it for:

Example: "I would like to delete my account and all associated personal data."

4. Right to Data Portability (Article 20)

What it means: You have the right to receive your personal data in a structured, commonly used, machine-readable format.

What you can request:

What data is included:

Example: "Please provide all my scan data in CSV format so I can transfer it to another service."

5. Right to Restriction of Processing (Article 18)

What it means: You have the right to limit how we use your data in certain situations.

When this applies:

What happens: We will store your data but not actively process it (except with your consent or for legal claims).

Example: "I dispute the accuracy of my scan history. Please restrict processing until this is resolved."

6. Right to Object (Article 21)

What it means: You have the right to object to processing based on legitimate interests or for direct marketing.

When this applies:

Example: "I object to receiving marketing emails. Please stop sending them."

Additional Rights

Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. This does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with your national data protection supervisory authority if you believe we have not handled your data appropriately.

How to Exercise Your Rights

Step 1: Submit Your Request

Send an email to info@scanthegap.com with:

Step 2: Identity Verification

To protect your privacy, we may need to verify your identity before processing your request. We may ask for:

Step 3: We Process Your Request

We will:

Response Times

Fees

Exercising your GDPR rights is free of charge. However, we may charge a reasonable fee if:

We will inform you of any fees before processing your request.

Supervisory Authorities

If you are not satisfied with how we handle your request, you have the right to lodge a complaint with your national data protection authority.

Germany — Hamburg Data Protection Authority

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str. 22, 7. OG
20459 Hamburg, Germany
Website: https://datenschutz.hamburg.de
Email: mailbox@datenschutz.hamburg.de

EU/EEA Supervisory Authorities

Full list of EU supervisory authorities:
https://edpb.europa.eu/about-edpb/about-edpb/members_en

Common Authorities

Data Protection Officer

Note: Under GDPR, only certain organizations are required to appoint a Data Protection Officer (DPO). As a small business, we are not required to have a designated DPO. You can contact us at info@scanthegap.com for all data protection matters.

Contact Information

For all GDPR-related requests and questions:

Useful Resources

Related Policies

For more information about how we handle your data, please see: