Contact us
Contact us

Our offices

  • United States
    2332 Beach Avenue
    Venice, CA 90291
  • Singapore
    L39, Marina Bay Financial Centre Tower
    10 Marina Boulevard

Follow us

GDPR Compliance

How we comply with the General Data Protection Regulation and protect the rights of EU residents.

Last updated: January 15, 2026

1. Our Commitment to GDPR

Skytells is committed to protecting the personal data of individuals in the European Economic Area (EEA) and the United Kingdom. We comply with the General Data Protection Regulation (GDPR) and applicable local data protection laws in all aspects of our operations.

2. Lawful Basis for Processing

We process personal data based on the following lawful bases:

  • Consent: Where you have given explicit consent for specific processing activities
  • Contract: Where processing is necessary for the performance of our service agreement
  • Legitimate Interest: Where processing is necessary for our legitimate business interests, balanced against your rights
  • Legal Obligation: Where processing is required to comply with applicable laws

3. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us. We will respond within 30 days.

4. Data Protection Officer

Skytells has designated a Data Protection Officer (DPO) who oversees our data protection strategy and compliance. For data protection inquiries, please contact our DPO through our contact page.

5. International Data Transfers

When personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or other valid transfer mechanisms. Our Data Processing Agreement contains further details on international transfers.

6. Data Breach Procedures

In the event of a personal data breach that poses a risk to individuals’ rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Affected individuals will be notified without undue delay where the breach is likely to result in a high risk to their rights and freedoms.

7. Privacy by Design

We embed data protection into our development processes from the outset. This includes data minimization, purpose limitation, pseudonymization where appropriate, and conducting Data Protection Impact Assessments (DPIAs) for high-risk processing activities.

8. Supervisory Authority

If you are unsatisfied with our handling of your personal data, you have the right to lodge a complaint with your local data protection supervisory authority.