Data rights and GDPR compliance

Edition: 2026.01, effective as of January 21, 2026

The Psyll platform https://psyll.com recognizes privacy and the protection of personal data not only as a legal requirement, but as the foundation of trust in the professional exchange of information. This document defines the principles for processing personal data and the rights granted to users under the General Data Protection Regulation (GDPR).

1. Data controller and transparency

The controller of personal data processed within the platform is the Psyll operational team. Our system architecture has been designed in accordance with the Privacy by Design principle, which means we collect only the minimum scope of information necessary to provide analytical services and maintain the integrity of user accounts.

2. Catalog of user rights (GDPR)

Every user of the Psyll platform has full control over their data. We provide technical implementation of the following rights:

  • Right of access to data (Art. 15 GDPR): The user has the right to obtain confirmation as to whether their data is being processed and to inspect its content directly in the profile settings panel.

  • Right to rectification (Art. 16 GDPR): We enable immediate updating of profile data and metadata.

  • Right to erasure of data / Right to be forgotten (Art. 17 GDPR): The user may initiate the procedure for permanent deletion of their account at any time. This operation results in the purging of personal data from our production servers.

  • Right to data portability (Art. 20 GDPR): We provide tools that allow the generation and download of a copy of the users data in a structured, commonly used, machine-readable format.

3. Scope and purpose of processing

We process data solely for technical and operational purposes:

  • Authentication: The email address and login data are used to secure access to the platforms resources.
  • Social interaction: Content published by users (UGC) is stored for the purpose of its public presentation in accordance with the authors will and the services terms and conditions.
  • System security: We record technical logs (IP addresses, session metadata) to detect abuses, attempts at unauthorized access, and to ensure infrastructure stability.

4. Data retention and security

Data is stored only for the period of the users account activity or until a request for its deletion is submitted.

5. Sharing data with third parties

Psyll does not trade personal data and does not disclose it to third parties for marketing purposes. Data may be transferred solely:

  • To trusted technological partners (e.g., server infrastructure providers or analytical systems such as Google Analytics) on the basis of appropriate data processing agreements.
  • To authorized bodies on the basis of legal provisions, solely in response to valid and binding legal requests.

6. Exercising rights and contact

Most rights under the GDPR can be exercised by the user independently through the user panel interface. In case of questions regarding privacy protection or to submit a data-related request, please contact our Data Protection Officer dpo@psyll.com.

For any inquiries, please contact us at contact@psyll.com or submit a request via our online form.