Compliance

GDPR Compliance Statement

Last updated: June 2026

1. Our Commitment to GDPR

At Northstar Studio, we are fully committed to compliance with the General Data Protection Regulation (GDPR). We believe in the fundamental right to privacy and the protection of personal data. This statement outlines our approach to data protection and how we ensure compliance both internally and for the digital products we build for our clients.

2. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • The right to access: You have the right to request copies of your personal data.
  • The right to rectification: You have the right to request that we correct any information you believe is inaccurate.
  • The right to erasure: You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing: You have the right to request that we restrict the processing of your personal data.
  • The right to object to processing: You have the right to object to our processing of your personal data.
  • The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

3. Data Processing Principles

We adhere to the core principles of GDPR in all our operations:

  • Lawfulness, fairness, and transparency: We process data lawfully and transparently.
  • Purpose limitation: Data is collected for specified, explicit, and legitimate purposes.
  • Data minimization: We only collect data that is adequate, relevant, and limited to what is necessary.
  • Accuracy: We ensure that personal data is accurate and kept up to date.
  • Storage limitation: Data is kept in a form which permits identification of data subjects for no longer than is necessary.
  • Integrity and confidentiality: Data is processed in a manner that ensures appropriate security.

4. Sub-processors

We use certain trusted third parties to provide specific services (e.g., hosting providers like Vercel or AWS, analytics, and CRM tools). We ensure all our sub-processors are GDPR compliant and have signed Data Processing Agreements (DPAs) with us.

5. Contact Our DPO

If you would like to exercise any of your rights or have any questions about our GDPR compliance, please contact our Data Protection Officer at:

Email: dpo@northstarstudio.com