GDPR Policy

Organizations that are based in the EU and handle personal data of individuals residing in the EU are typically required to adhere to the GDPR from May 25, 2018. The GDPR revises and unifies the framework for handling personal data within the European Union, introducing new responsibilities for organizations and new rights for individuals.

Our Commitment

At Reachfast, we are dedicated to fulfilling the requirements of the GDPR. Our team of legal and policy experts has thoroughly examined the GDPR guidelines and continues to track new recommendations on best practices for complying with the GDPR. We have integrated these new mandates into our products, contracts, and policies to ensure full compliance with the GDPR. Reachfast services have been GDPR compliant since our inception in 2024

Global Product Compliance

Many of our clients operate in various regions worldwide. To provide a consistent user experience, Reachfast has implemented GDPR requirements across our entire platform and supports these requirements globally. We believe that consistent rules and program logic will significantly improve our customers' ability to comply with GDPR regulations.

Your Rights Regarding Your Personal Information

We value your privacy rights, and you can contact us anytime to ensure that your choices and requests regarding your personal information are respected. The list below aims to help Users and Contacts exercise their rights under relevant privacy and data protection laws:

Right of Access: You can request access to your personal information and obtain a copy of the personal data being processed by Reachfast. If you want to know what personal data is being processed by Reachfast, we will provide the following for free: purposes of processing, categories of personal data processed, recipients of personal data, duration of storage, your privacy rights, and information on data transfers. Such requests can be made by contacting our Privacy Team with the necessary details.

Right of Rectification: You can request modifications, updates, or additions to any incomplete data we process about you by contacting our Privacy Team with the relevant details. We may correct, supplement, or remove incomplete or inaccurate information at our discretion.

Right of Erasure: You can request the deletion of your personal data at any time. If there is no overriding legitimate reason to continue processing your personal data, we will delete it. Such requests can be made by contacting our Privacy Team with the necessary details.

Right of Restriction of Processing: You can request that we limit the processing of your personal data if its accuracy is disputed by you. To make such a request, contact our Privacy Team with all relevant information.

Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format. To make such a request, please contact our Privacy Team with the necessary information.

Right to Object to Data Processing: You have the right to object to the processing of your data. Such requests should be made by contacting our Privacy Team with the relevant details.

Please note that these rights are not absolute and may be subject to our legitimate interests and regulatory requirements.

Right to Object to Data Processing: If you are unsatisfied with our response or believe that we are processing your personal information unlawfully, you can file a complaint with the relevant data protection authority.

Retention

Personal information will be stored by Reachfast as long as it is necessary to provide our services and to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined based on the type of information collected and the purpose for its collection, taking into account applicable requirements and the need to eliminate outdated, unused information promptly.

You can request the deletion of your personal data as described above. If your data is fully deleted from the Reachfast Database, it might be collected again in the future through public platforms or our business partners. In this case, since we complied with your deletion request, we will not have records of your contact data, and your contact information may reappear in the Reachfast Database. We advise you to regularly check your profile or the Services to ensure that your current profile or account contains only the information you want to display.

Legal Basis for Processing

A common misconception about the GDPR is that consent is the sole legal basis for processing personal information of EU data subjects. While consent is one basis for lawful processing, it is not the only one.

Reachfast processes personal data based on its legitimate interest in providing services to its users, helping them fight online fraud, and verifying and authenticating online identities.

Categories of Recipients of Personal Data

To deliver our service, we may share certain personal data with companies and individuals who subscribe to our service. We may also share personal data with the following recipients: (i) our subsidiaries; (ii) subcontractors and other third-party service providers (e.g., payment processors, advertisers, marketers, hosting services, etc.); (iii) auditors or advisors of our business processes; and (iv) potential buyers or investors in Reachfast.

Transfer of Data to a Third Country

If we transfer personal data outside of the EU or EEA, we will do so following the legal mechanisms established by the GDPR (for example, the Privacy Shield or to territories that the European Commission has

deemed as providing an adequate level of protection).

Contact

For any further questions about our privacy practices, please reach out to us at support@reachfast.ai.

Additionally, EU residents may contact our EU representative under Art. 27 GDPR for any inquiries related to data protection and privacy:

Briahsoft Technologies LLC