Last updated: 19 May 2026
GDPR Compliance
Information for merchants and individuals in the European Economic Area (EEA), United Kingdom, and Switzerland about GDPR rights and EcomSolveBD's practices.
Roles
For your customers' personal data processed through our platform, you are typically the data controller and EcomSolveBD is the data processor. For your account, billing, and product security data, EcomSolveBD may act as an independent controller.
Lawful bases
We process personal data under GDPR based on:
- Contract: providing the SaaS you subscribed to.
- Legitimate interests: security, fraud prevention, service improvement (balanced against your rights).
- Consent: where required for non-essential cookies or optional marketing.
- Legal obligation: tax, accounting, and regulatory requests.
Your rights
Submit requests to privacy@ecomsolvebd.com. We respond within one month unless extension is permitted.
- Access, rectification, erasure, restriction, portability, and objection.
- Withdraw consent where processing is consent-based.
- Lodge a complaint with your supervisory authority.
International transfers
When data leaves the EEA/UK, we rely on appropriate safeguards such as Standard Contractual Clauses and vendor compliance programs.
Processor obligations
We process personal data only on documented instructions (your account configuration and integrations), implement appropriate security measures, assist with data subject requests where feasible, and use subprocessors under written terms.
Subprocessors
See our Subprocessors page for an up-to-date list of service providers.
Exercise your GDPR rights
Contact our privacy team to submit a verified request.