GDPR Compliance

Last updated: September 17, 2025

Our GDPR Commitment

Pitchers is committed to protecting your privacy and personal data in accordance with the General Data Protection Regulation (GDPR). We have implemented comprehensive measures to ensure full compliance with GDPR requirements.

✓ GDPR Compliant: We are fully compliant with GDPR regulations and continuously monitor our practices to maintain compliance.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Right of Access

You can request access to your personal data and information about how it's processed.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request limitation of processing of your personal data.

Right to Data Portability

You can request transfer of your data to another service provider.

Right to Object

You can object to processing of your personal data for certain purposes.

Data Processing Lawful Basis

We process your personal data based on the following lawful bases:

Consent

You have given clear consent for us to process your personal data for specific purposes.

Contract Performance

Processing is necessary for the performance of a contract with you.

Legitimate Interests

Processing is necessary for our legitimate interests, balanced against your rights.

Legal Obligation

Processing is necessary to comply with legal obligations.

Data Security Measures

We implement comprehensive security measures to protect your personal data:

  • Encryption: All data is encrypted in transit and at rest
  • Access Controls: Strict access controls and authentication mechanisms
  • Regular Audits: Regular security audits and vulnerability assessments
  • Staff Training: Regular GDPR and data protection training for all staff
  • Incident Response: Comprehensive data breach response procedures
  • Data Minimization: We only collect and process data that is necessary

Data Retention

We retain personal data only for as long as necessary:

  • Account Data: Retained while your account is active
  • Transaction Data: Retained for 7 years for tax and legal compliance
  • Marketing Data: Retained until you opt-out or for 3 years
  • Support Data: Retained for 2 years after resolution
  • Analytics Data: Anonymized after 2 years

Data Transfers

When we transfer personal data outside the EEA, we ensure adequate protection through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes and codes of conduct

Exercising Your Rights

To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within one month.

Required Information

Please include your full name, email address, and a clear description of your request when contacting us about your GDPR rights.

Contact Information

For GDPR-related inquiries, data subject requests, or privacy concerns:

Data Protection Officer: dpo@pitchers.com

General Privacy: privacy@pitchers.com

Subject Line: GDPR Request - [Your Request Type]

Supervisory Authority: You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your personal data in accordance with GDPR.