GDPR Compliance

Our Commitment

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs the processing of personal data of individuals in the European Union. Future Micro is committed to GDPR compliance for all EU-based users and data subjects.

This page outlines how we meet GDPR requirements and the rights available to EU data subjects.

Lawful Basis for Processing

We process personal data only when we have a valid lawful basis:

Contract Performance

Processing necessary to fulfill our contractual obligations to you.

Legitimate Interests

Processing for our legitimate business purposes, balanced against your rights.

Consent

Processing based on your explicit consent, which you can withdraw at any time.

Legal Obligation

Processing required to comply with legal requirements.

Your Rights Under GDPR

As a data subject in the EU, you have the following rights:

Right to Access

You can request a copy of your personal data that we hold. We will provide this information within 30 days of your request.

Right to Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary or you withdraw consent.

Right to Restriction of Processing

You can request that we limit how we use your data while we address your concerns or verify the accuracy of your data.

Right to Data Portability

You can request a copy of your data in a structured, commonly used, machine-readable format to transfer to another service.

Data Transfers

Future Micro is based in the United States. When we transfer personal data from the EU/EEA, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data processing agreements with third-party processors
Technical and organizational security measures
Regular compliance assessments

Data Protection Measures

We implement comprehensive data protection measures including:

Data minimization - we only collect data necessary for our services
Purpose limitation - we use data only for specified purposes
Storage limitation - we retain data only as long as necessary
Integrity and confidentiality - we secure data against unauthorized access
Privacy by design - we incorporate privacy into our systems from the start

Data Processing Agreements

For customers who engage Future Micro as a data processor, we offer Data Processing Agreements (DPAs) that comply with GDPR Article 28 requirements. Our DPAs include:

Nature, purpose, and duration of processing
Categories of data subjects and personal data
Obligations of both controller and processor
Sub-processor authorization requirements
Data breach notification procedures

Exercising Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer:

Data Protection Officer

Future Micro, Inc.

Email: dpo@futuremicro.ai

We will respond to your request within 30 days. In complex cases, we may extend this period by up to two months, and we will inform you of any such extension.

Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local supervisory authority. For general inquiries or escalations, you may also contact the lead supervisory authority in your EU Member State.