FeaturesHow It WorksSecurityContact
End-to-end encrypted
Start Demo

GDPR Compliance

Luonge is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). This page explains our commitment to data protection and your rights under GDPR.

GDPR Compliant
Data Protection Officer Appointed
Our Commitment to Data Protection

At Luonge, data protection is not just a legal requirement—it's a core value. We believe that trust is earned through transparency and action. That's why we've built privacy into every aspect of our platform.

As a data processor for our customers and a data controller for our own operations, we maintain strict compliance with GDPR requirements across all our activities.

Your Rights Under GDPR

Right to Access

You have the right to request a copy of all personal data we hold about you. We will provide this within 30 days of your request.

Right to Rectification

You can request corrections to any inaccurate or incomplete personal data we hold about you.

Right to Erasure

Also known as the "right to be forgotten." You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your data while we address any concerns or complaints.

Right to Data Portability

You can request your data in a structured, commonly used, machine-readable format to transfer to another service.

Right to Object

You can object to us processing your personal data for direct marketing or based on legitimate interests.

Legal Basis for Processing

We process personal data under the following legal bases as defined by GDPR:

  • Contract Performance: Processing necessary to fulfill our service agreements with customers.
  • Consent: Processing based on your explicit consent, which you can withdraw at any time.
  • Legitimate Interest: Processing necessary for our legitimate business interests, balanced against your rights.
  • Legal Obligation: Processing required to comply with applicable laws and regulations.
Technical & Organizational Measures

We implement comprehensive technical and organizational measures to protect your personal data:

  • End-to-end encryption for all data in transit and at rest
  • Regular security audits and penetration testing
  • SOC 2 Type II certification
  • Data Processing Agreements with all sub-processors
  • Employee training on data protection
  • Privacy by design in all product development
  • Incident response procedures and breach notification protocols
  • Regular reviews of data retention policies
International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with all sub-processors
  • Regular assessments of data protection laws in recipient countries

Exercise Your Rights

To exercise any of your GDPR rights or if you have questions about how we handle your personal data, please contact our Data Protection Officer:

Email: dpo@luonge.com

Response Time: Within 30 days of your request

You also have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated.

Contact Us