GDPR Compliance
Last updated: May 30, 2026
This page explains how Guse LTDA complies with the General Data Protection Regulation (GDPR) and outlines your rights as a data subject.
1. GDPR Overview
The General Data Protection Regulation (GDPR) is the EU's comprehensive data protection law. As a controller of personal data belonging to EU/EEA residents, Guse LTDA is committed to compliance. For full details of how we collect and use your data, see our Privacy Policy.
2. Lawful Basis for Processing
We process your personal data based on the following lawful bases:
- Contract (Art. 6(1)(b)): Account data, alarm data, subscription management
- Legitimate Interests (Art. 6(1)(f)): Security, crash reporting, fraud prevention, analytics
- Consent (Art. 6(1)(a)): Push notifications, analytics cookies (website), optional profile data
- Legal Obligation (Art. 6(1)(c)): Subscription records retained for tax/legal purposes
3. Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
3.1 Right to Access
You may request a copy of all personal data we hold about you. We will respond within 30 days.
3.2 Right to Rectification
You may request correction of inaccurate or incomplete personal data. We will make corrections within 30 days.
3.3 Right to Erasure
You may request deletion of your personal data. Delete your account directly in the app (Settings → Account → Delete Account) or contact us. We delete data within 30 days, except where retention is required by law.
3.4 Right to Restriction of Processing
You may request that we restrict processing of your personal data in certain circumstances, such as when you contest its accuracy.
3.5 Right to Data Portability
You may request your personal data in a structured, machine-readable format to transfer to another controller.
3.6 Right to Object
You may object to processing based on legitimate interests or for direct marketing purposes.
3.7 Rights Related to Automated Decision-Making
We do not make decisions that produce legal or similarly significant effects based solely on automated processing.
3.8 Right to Withdraw Consent
Where we process data based on consent (push notifications, analytics cookies), you may withdraw consent at any time via the app settings or the website cookie banner.
4. How to Exercise Your Rights
To exercise any of your GDPR rights:
- Email us at: contact@guseapp.com
- Include your full name and account email address
- Specify which right(s) you wish to exercise
We will respond within 30 days. If we need more time, we will notify you and explain the reason for the delay.
5. International Data Transfers
When we transfer personal data outside the EEA, we use Standard Contractual Clauses (SCCs) approved by the European Commission (GDPR Art. 46). Our infrastructure providers (Cloudflare, Resend, Firebase/Google) are based in the USA and covered by these safeguards.
6. Data Retention
- Account data: Retained while your account is active, deleted within 30 days of account closure
- Subscription records: Retained for 7 years for legal and tax purposes
- Analytics/crash data: Per Firebase retention settings (2–14 months)
- Server logs (IP): 30 days via Cloudflare
7. Cookies and Tracking
Under GDPR, we obtain your consent before setting non-essential cookies. Our website uses a cookie consent banner where you can accept or reject analytics cookies. You can update your preferences at any time by clicking "Manage Preferences" in the footer cookie banner.
8. Children's Data
We do not knowingly collect personal data from children under 13 (or 16 in EU member states that have raised the age of consent under GDPR Art. 8). If we discover we have collected data from a child without proper consent, we will delete it promptly.
9. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.
10. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of alleged infringement.
Find your local authority at: European Data Protection Board
11. Contact Us
For GDPR-related inquiries or to exercise your rights:
- Email: contact@guseapp.com
- Website: getwakeproof.com