ServerTrack.io
Legal Documentation

GDPR Compliance Statement

ServerTrack is committed to protecting the privacy and security of your data.

GDPR Compliance Statement

1. Our Commitment

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use and handling of personal data of EU residents. ServerTrack (operated by Onecodesoft) is fully committed to compliance with the GDPR. We have integrated data protection principles into our service design and operations.

2. Our Role: Data Processor

In the context of the ServerTrack service:

  • You (The Customer) are the Data Controller. You decide what data to collect and where to send it (e.g., Facebook, Google).
  • ServerTrack is the Data Processor. We process data on your behalf, following your instructions to forward events to your specified destinations.

3. Data Minimization & Security

We believe in processing only what is necessary. Our system is designed to:

  • Hash Sensitive Data: PII such as emails and phone numbers are automatically hashed (SHA256) before being sent to ad platforms, ensuring raw data is never exposed unnecessarily.
  • Encryption: All data is encrypted in transit using TLS 1.3 and at rest using industry-standard AES encryption.
  • Ephemeral Processing: For customers on lower tiers, data is retained only for a short period (7 days) for debugging purposes before being permanently deleted.

4. Rights of Data Subjects

We provide tools to help you fulfill your obligations to your users (Data Subjects):

  • Right to Access & Portability: You can export your event logs from the ServerTrack dashboard in a machine-readable format (JSON/CSV).
  • Right to Erasure ("Right to be Forgotten"): You can request the deletion of all data associated with a specific user or your entire account at any time via our support team or dashboard settings.

5. International Data Transfers

ServerTrack utilizes cloud infrastructure provided by Protected (located in Germany/Finland), ensuring that data for our European customers remains within the EU/EEA where possible. For transfers to third countries, we rely on Standard Contractual Clauses (SCCs) to ensure appropriate safeguards.

6. Sub-processors

We engage a limited number of trusted sub-processors to deliver our service. A full list is available in our Data Processing Agreement (DPA).

7. Contact Our Data Protection Officer

If you have any questions about our GDPR compliance or need to submit a data subject request, please contact our Data Protection Officer:

Email: privacy@onecodesoft.com
Address: Onecodesoft, SR Plaza, Mirpur, Dhaka, Bangladesh.

Need a signed agreement?

View our full Data Processing Agreement.

View DPA