Compliance
GDPR compliance, data processor disclosures, and policy documents.
GDPR
Staffify AI processes data in compliance with the General Data Protection Regulation (GDPR). This includes:
- Lawful basis for processing established for all data types
- Data subject rights: access, rectification, erasure, portability, and objection
- 72-hour breach notification to supervisory authorities
- Data Processing Agreements (DPA) available on request
- Two-factor authentication available for all account types
Data Processors
The following third-party processors are used in the operation of the Staffify AI platform:
| Processor | Purpose |
|---|---|
| Payment Processing | Billing and payments |
| Telephony & SMS | Voice calls and messaging |
| Speech Services | Speech-to-text and text-to-speech |
| Cloud Infrastructure | Hosting and storage |
| AI Processing | Language model inference |
| CDN & Security | DNS, domains, and DDoS protection |
| Error Monitoring | Reliability and issue detection |
Policy Documents
- Privacy Policy— Full data processing details, GDPR rights, cookie policy
- Terms & Conditions— Service agreement, acceptable use, liability