Legal

GDPR Compliance

Last updated: 2026-03-20

1. Our Commitment

birp is fully committed to complying with the General Data Protection Regulation (EU) 2016/679. We ensure that all personal data processing activities meet the highest standards of data protection.

2. Data Protection Principles

Lawfulness, fairness, and transparency
Purpose limitation — data collected for specific, legitimate purposes
Data minimization — only necessary data is collected
Accuracy — data is kept up to date
Storage limitation — data retained only as long as necessary
Integrity and confidentiality — appropriate security measures applied

3. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access

Request a copy of your personal data we hold.

Right to Rectification

Request correction of inaccurate personal data.

Right to Erasure

Request deletion of your personal data.

Right to Restrict Processing

Request limitation of how we process your data.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests.

4. Technical & Organizational Measures

End-to-end encryption for data in transit (TLS 1.3)
AES-256 encryption for data at rest
Role-based access control (RBAC) with principle of least privilege
Regular security audits and penetration testing
Automated data breach detection and notification systems

5. Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk to your rights, we will also notify you directly.

6. Data Protection Officer

Data Protection Officer

dpo@birp.io

55 Avenue Marceau, 75016 Paris, France

7. Supervisory Authority

You have the right to lodge a complaint with your local data protection authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés) — www.cnil.fr.