GDPR & Data Protection
Last updated: 2 July 2026
ShoortMedia LLC processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and UK GDPR where applicable.
Roles
For account and billing data, we act as controller. For customer data you enter about your clients, you are typically the controller and we act as processor.
Lawful bases
- Contract — providing the service you signed up for
- Legitimate interests — security, fraud prevention, product improvement
- Consent — where required for marketing cookies or optional features
- Legal obligation — tax, accounting, and regulatory requirements
Data subject rights
Access, rectification, erasure, restriction, portability, and objection — contact [email protected]. We respond within statutory timelines.
International transfers
Data may be processed in countries outside the EEA with appropriate safeguards (Standard Contractual Clauses or equivalent).
DPA
Enterprise customers may request a Data Processing Agreement via [email protected].