GDPR & CCPA Compliance
Last updated: January 2025
Your Rights Under GDPR (EU Residents)
Under GDPR, EU residents have the right to access, rectify, erase, and port their personal data, as well as the right to object to or restrict processing. To exercise these rights, contact [email protected]. We will respond within 30 days and will not charge a fee for reasonable requests.
California Privacy Rights (CCPA)
California residents have the right to know what personal information is collected, request deletion of personal data, opt out of data sales (ZeksIO does not sell personal data), and non-discrimination for exercising these rights. To submit a CCPA request, contact [email protected].
Data Processing Agreements
Enterprise and government clients who require a Data Processing Agreement (DPA) in accordance with GDPR Article 28 may request one from their account manager. DPAs are provided at no additional cost and define the specific obligations of ZeksIO as a data processor.
International Data Transfers
ZeksIO operates in the US and Cameroon. For EU clients, data transfers to the US are conducted under Standard Contractual Clauses (SCCs) approved by the European Commission. We do not transfer EU personal data to countries without an adequate level of protection.
Government & Enterprise Compliance
ZeksIO's government practice aligns with FISMA, NIST SP 800-53, FedRAMP requirements, and CMMC frameworks. We support clients' compliance obligations with documentation, audit assistance, and technical controls. Contact our compliance team for specific requirements.
Data Breach Notification
In the event of a personal data breach, ZeksIO will notify affected clients within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33. Notifications will include the nature of the breach, categories of data affected, and remediation steps taken.