GDPR Compliance
AdMark Studio is committed to protecting the privacy and rights of individuals in the European Union under the General Data Protection Regulation (GDPR).
Last updated: November 25, 2025
1. GDPR Overview
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs how organizations collect, use, and protect personal data of individuals in the European Union (EU) and European Economic Area (EEA).
As a provider of services to users worldwide, including the EU, AdMark Studio processes personal data in compliance with GDPR requirements. This page explains how we meet our GDPR obligations and describes your rights as an EU/EEA user.
2. Legal Basis for Processing
We process your personal data based on the following legal grounds:
Contract Performance
Processing necessary to provide you with our Service, including account creation, subscription management, banner generation, and customer support. This is our primary basis for processing your data.
Legitimate Interests
Processing necessary for our legitimate business interests, including:
- Improving and developing our Service
- Ensuring security and preventing fraud
- Analyzing Service usage to enhance user experience
- Communicating important service updates
Consent
Where we process data based on your consent, you may withdraw consent at any time. This includes:
- Marketing communications and promotional emails
- Non-essential cookies and tracking technologies
- Optional feedback programs to improve AI
- Portfolio/marketing use of your designs
Legal Obligation
Processing necessary to comply with legal requirements, such as tax reporting, financial record-keeping, and responding to lawful government requests.
3. Your Rights Under GDPR
As an EU/EEA resident, you have the following rights regarding your personal data:
Right to Access (Article 15)
You have the right to obtain confirmation of whether we process your personal data and to access that data. You may request a copy of your personal data in a commonly used electronic format.
Right to Rectification (Article 16)
You have the right to request correction of inaccurate personal data and completion of incomplete personal data.
Right to Erasure / "Right to be Forgotten" (Article 17)
You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, you withdraw consent, or the data was unlawfully processed.
Right to Restrict Processing (Article 18)
You have the right to request that we restrict processing of your personal data while we verify accuracy, establish legal claims, or if you object to processing.
Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
Right to Object (Article 21)
You have the right to object to processing based on legitimate interests, including profiling, as well as processing for direct marketing purposes.
Rights Related to Automated Decision-Making (Article 22)
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. Our AI features generate creative content based on your inputs and do not make decisions that significantly affect your legal rights.
4. How to Exercise Your Rights
To exercise any of your GDPR rights, you may:
- Email our Data Protection team at [email protected]
- Use the data export and deletion features in your account settings
- Submit a request through our contact form
Response Timeframe
We will respond to your request within 30 days of receipt. If your request is complex or we receive many requests, we may extend this period by up to two additional months. We will inform you of any extension and the reasons for the delay.
Verification
To protect your privacy, we may need to verify your identity before processing your request. We may ask you to provide additional information to confirm your identity.
No Fee (Usually)
You will not have to pay a fee to exercise your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
5. Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance. You may contact our DPO for any questions or concerns about how we handle your personal data:
6. International Data Transfers
Your personal data may be transferred to and processed in countries outside the EU/EEA, including the United States, where our servers and service providers are located.
Safeguards
When we transfer personal data outside the EU/EEA, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs): We use EU Commission-approved contractual clauses with our processors and partners
- Data Processing Agreements: We maintain comprehensive agreements with all third-party processors
- Technical Measures: We implement encryption and other security measures to protect data in transit and at rest
9. Submit a Data Request
Use the form below or email us directly to submit a GDPR data request:
To submit a data access, correction, deletion, or portability request, please email:
Submit GDPR RequestPlease include your account email address and the type of request (access, correction, deletion, or portability) in your email.