GDPR Compliance
How FDM Foundry protects your data rights under the General Data Protection Regulation. Last updated: February 8, 2026
Our commitment
FDM Foundry is committed to protecting the privacy and data rights of all users, particularly those in the European Union and European Economic Area. We comply with the GDPR and treat data protection as a fundamental right, not a compliance checkbox.
Data Minimization
We only collect data that is strictly necessary to provide our services. We don't harvest data for advertising or profiling.
Purpose Limitation
Your data is used only for the specific purposes described in our Privacy Policy. We never repurpose it without your consent.
Transparency
We clearly explain what data we collect, why we collect it, and how long we keep it. No fine-print surprises.
Security by Design
Data protection is built into our systems from the ground up, not bolted on as an afterthought.
Your rights under GDPR
As a data subject in the EU/EEA, you have the following rights. We respond to all valid requests within 30 days.
Right of Access (Article 15)
You can request a complete copy of all personal data we hold about you. We will provide it in a structured, commonly used format.
Right to Rectification (Article 16)
If any of your personal data is inaccurate or incomplete, you have the right to have it corrected. You can update most information directly in your account settings.
Right to Erasure (Article 17)
You can request the deletion of your personal data. We will comply unless we have a legal obligation to retain certain records (e.g., financial transaction records for tax compliance).
Right to Restrict Processing (Article 18)
You can request that we limit how we process your data in certain circumstances, such as when you contest the accuracy of your data.
Right to Data Portability (Article 20)
You can request your data in a machine-readable format (JSON or CSV) and transfer it to another service provider.
Right to Object (Article 21)
You can object to processing based on our legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds.
Right to Withdraw Consent (Article 7)
Where processing is based on consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
Legal bases for processing
We process personal data under the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Contract performance |
| Processing purchases and payouts | Contract performance |
| Platform security and fraud prevention | Legitimate interest |
| Service improvement and analytics | Legitimate interest |
| Marketing emails and newsletters | Consent |
| Tax and financial record keeping | Legal obligation |
| Cookie tracking (non-essential) | Consent |
Sub-processors and data transfers
We use a limited number of third-party services to operate the Platform. Each has been vetted for GDPR compliance.
Stripe
Payment processing
Vercel
Hosting and CDN
International data transfers are protected by Standard Contractual Clauses or equivalent safeguards as required by GDPR Article 46.
How to exercise your rights
Exercising your data rights is straightforward.
Submit a request
Email privacy@fdmfoundry.com or use our contact form. Include your account email and specify which right you want to exercise.
Verification
We will verify your identity to protect your data from unauthorized access. This usually involves confirming your email address.
Processing
We will process your request and respond within 30 days. If we need more time due to complexity, we will notify you within the initial 30-day period.
Resolution
You will receive a confirmation of the actions taken. If you are not satisfied, you have the right to lodge a complaint with your local data protection authority.
Questions about your data?
We take your privacy seriously. If you have any questions about how we handle your data, we are happy to help.