GDPR Compliant

GDPR Compliance & Data Protection

Your privacy matters. We're fully committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR).

Last Updated: February 2026

Core Principles

GDPR principles we follow

Our data protection practices are built on the six core principles of GDPR.

Lawfulness, Fairness & Transparency

We process your data lawfully, fairly, and in a transparent manner. You always know what data we collect and why.

Purpose Limitation

We collect your data for specific, explicit, and legitimate purposes only and don't use it for other reasons.

Data Minimization

We only collect data that is necessary for the purposes we've stated. Nothing more, nothing less.

Accuracy

We ensure your personal data is accurate and kept up to date. You can update your information anytime.

Storage Limitation

We keep your data only for as long as necessary for the purposes we collected it for.

Integrity & Confidentiality

We protect your data with appropriate security measures against unauthorized access, loss, or damage.

Your Rights

Your data protection rights

Under GDPR, you have several rights regarding your personal data. Here's how you can exercise them.

Right to Access

You can request a copy of all personal data we hold about you at any time.

Right to Rectification

You can update or correct your personal information if it's inaccurate or incomplete.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit the way we use your personal data.

Right to Data Portability

You can receive your data in a structured, commonly used format and transfer it to another service.

Right to Object

You can object to processing of your data for direct marketing or other purposes.

Need help exercising your rights?

Our Data Protection Officer is here to help. Contact us at dpo@reworkdigital.io to exercise any of your rights or ask questions about our data practices.

Transparency

What data we collect

Transparency is key. Here's a complete overview of the personal data we collect and why.

Account Information

  • Name and contact details (email, phone)
  • Account credentials (encrypted)
  • Profile information and preferences
  • Professional skills and experience

Usage Data

  • Login activity and timestamps
  • Pages visited and features used
  • Device and browser information
  • IP address and location data

Communication Data

  • Messages between candidates and agents
  • Support ticket conversations
  • Email communications
  • Feedback and survey responses

Transaction Data

  • Payment information (via secure providers)
  • Transaction history and invoices
  • Billing addresses
  • Payment method details (tokenized)

Security

How we protect your data

We implement robust technical and organizational measures to protect your personal data.

End-to-End Encryption

All sensitive data is encrypted both in transit and at rest using industry-standard protocols.

Secure Infrastructure

Our servers are hosted in secure, certified data centers with 24/7 monitoring and protection.

Access Controls

Strict access controls ensure only authorized personnel can access personal data on a need-to-know basis.

Regular Audits

We conduct regular security audits and penetration testing to identify and fix vulnerabilities.

Data Breach Protocol

We have procedures in place to detect, report, and investigate any data breaches within 72 hours.

Privacy by Design

Data protection is built into our systems from the ground up, not added as an afterthought.

Retention

Data retention policy

We only keep your data for as long as necessary. Here's our retention schedule.

Data TypeRetention PeriodReason
Active Account DataDuration of account + 30 daysTo provide services and resolve any post-closure issues
Transaction Records7 yearsLegal and tax compliance requirements
Communication Logs2 yearsCustomer support and dispute resolution
Marketing DataUntil consent is withdrawnTo send you updates and offers you've opted into

International Data Transfers

REWORK Digital operates globally, and your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure that all international data transfers comply with GDPR requirements.

  • We use Standard Contractual Clauses (SCCs) approved by the European Commission
  • We only transfer data to countries with adequate data protection levels
  • All service providers are contractually bound to protect your data

Contact Our DPO

Have questions about your data or our GDPR compliance? Our Data Protection Officer is here to help.

dpo@reworkdigital.io

Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we're not complying with GDPR.

Your privacy, our priority

Join thousands of professionals and businesses who trust us with their data. Start your journey with confidence.

Ready to automate your business?

Hire verified AI & automation experts and deploy intelligent workflows today.

REWORK Digital

The AI & automation platform. Hire verified experts, build proof-of-work portfolios, and deploy intelligent workflows with escrow-protected delivery.

info@reworkdigital.io
Toronto, Canada
+1 (437) 475-6882

The REWORK Pulse

AI & automation insights, platform updates — weekly

No spam. Unsubscribe anytime.

Platform

Products

Legal

Company

SSL Secured
Verified Platform

© 2026 REWORK Digital. All rights reserved.

Always think...