IPGeolocation-Logo

IPGeolocation GDPR Compliance

The European Union’s General Data Protection Regulation (GDPR) is a regulation that aims to unify data privacy laws across EU member states within a single regulatory framework applicable to the EU single market. IPGeolocation is fully GDPR compliant. Our Privacy Policy details information about data collection, sharing practices, and more.

GDPR Disclosures for European and UK Data Subjects

Roles: Controller vs. Processor

Under EU data protection law, two primary roles exist in data processing:

  • Controller : An organization that determines the purpose and means of processing personal data.
  • Processor : An organization that processes data on behalf of a controller.

IPGeolocation generally acts as a processor on behalf of its customers, who serve as the controllers. This means that the customer decides what personal data to share with IPGeolocation in order to enhance services, support fraud prevention, and provide additional licensed data. For privacy details on how customer data is handled, refer to the applicable customer’s privacy policy.

Additionally, IPGeolocation may operate as a controller in certain cases, such as handling personal data collected from visitors to its own website or processing data correction requests. In instances where IPGeolocation aggregates personal data from multiple customers—similar to analytics services—it may act as both a processor (following customer direction) and a controller to provide broader services.

Data Subject Rights in Europe and the UK

If you are a data subject within the European Economic Area or the UK, you hold specific rights regarding your personal data, including:

  • Access : The right to view the personal data we hold about you.
  • Correction : The right to correct inaccurate or incomplete data.
  • Erasure : The right to request the deletion of your data.
  • Data Portability : The right to receive your data in a structured, commonly used format.
  • Restriction/Objection : The right to restrict or object to certain processing activities.
  • Marketing Preferences : The right to prevent your data from being used for marketing or purposes significantly different from the original collection.

Accessibility of Services

To exercise any of these rights, contact us through the information provided in Section 11 of our Privacy Policy. Specify which rights you wish to exercise, and we’ll respond within seven days. We may need additional information to verify your identity. Please note, however, that we retain certain data for legitimate business interests, including legal compliance, dispute resolution, fraud prevention, and enforcing our agreements.

If your data has been processed on behalf of a customer and you wish to exercise your rights, please contact the customer directly. If you contact us, specify the customer, and we’ll forward your request to them, supporting the response in compliance with the law.

For any issues with GDPR compliance, you can lodge a complaint with a European supervisory authority.

Sub-Processor Information

For transparency regarding the service providers we use, please visit our Sub Processor.