GDPR and Data Protection

Last updated: June 29, 2026

Our Commitment to GDPR

GetMoreReview is committed to compliance with the General Data Protection Regulation and applicable data protection laws. We believe privacy is a right, not a feature.

This page explains how GDPR applies to your use of our platform and how we help you stay compliant with your own customers data.

Data Controller vs Data Processor

We are the Data Controller for:

• Your account information, including name, email, and business details.
• Your payment information, processed securely through Stripe.
• Your usage data on our platform.
• Platform analytics and performance data.

We are a Data Processor for:

• Your customers email addresses that you upload.
• Customer feedback and ratings submitted through your review page.
• Customer names and contact details you provide to us.

When processing your customers data, you are the Data Controller. You are responsible for ensuring you have a lawful basis to contact your customers and that your use of GetMoreReview complies with GDPR.

Lawful Basis for Processing

We process your personal data on the following lawful bases:

• Contract performance: to provide the service you signed up for.
• Legitimate interests: to improve our platform and prevent fraud.
• Legal obligation: where required by law.
• Consent: for marketing communications, where you can opt out at any time.

Your Rights Under GDPR

Data Retention

• Account data: retained while your account is active plus 30 days after a deletion request.
• Customer feedback: retained for 2 years unless you request earlier deletion.
• Email logs: retained for 90 days for deliverability monitoring.
• Payment records: retained for 7 years where required by financial regulations.

Data Transfers

Your data is stored on secure hosting infrastructure. Where data is transferred to third-party providers outside the EEA, such as Google or email delivery providers, we use appropriate safeguards including contractual data protection protections where required.

Your Responsibilities as a Data Controller

When using GetMoreReview to contact your customers, you must:

• Have a lawful basis to contact each customer.
• Include an unsubscribe mechanism in marketing emails where required.
• Honour unsubscribe requests promptly.
• Not upload data obtained unlawfully or without appropriate permission.
• Have a Privacy Policy on your own website that explains how you use customer data.

Security Measures

• All data transmitted through HTTPS encryption.
• Passwords hashed securely.
• Database access restricted to authorised systems only.
• Regular security updates and vulnerability monitoring.
• Customer data access limited to authorised team members only.

Cookies

We use essential session cookies required for the platform to function. Where we use analytics or optional cookies, we aim to provide appropriate notice and controls.

Data Breach Procedure

In the event of a data breach, we will notify affected users and relevant authorities where required by applicable data protection law.