ChromaChecker Corporation commits to complying with EU GDPR (2016/679) and UK GDPR. The company may act as Data Controller for account data or Data Processor for customer-uploaded and operational data under applicable Data Processing Agreements.
Your Rights Under GDPR
- Access (Art. 15): Obtain confirmation of processing and a copy of your personal data
- Rectification (Art. 16): Correct inaccurate or incomplete information
- Erasure (Art. 17): Request deletion ("right to be forgotten")
- Restriction (Art. 18): Limit data processing
- Portability (Art. 20): Receive data in structured, machine-readable format
- Object (Art. 21): Object to processing based on legitimate interests
- Withdraw Consent (Art. 7): Revoke consent anytime
- Complaint (Art. 77): Lodge complaint with supervisory authority
How to Exercise Your Rights
Option 1: Self-Service
Main Users: Log into ChromaChecker → click profile icon → "Manage Account" → view, edit, export (JSON/CSV), or delete account data.
Operators/Staff: Access Operator website or iPad app → click User Icon → "Edit Profile" → view/edit data; request deletion through Main User.
Option 2: Contact Directly
Email: privacy@chromachecker.com — Subject: "GDPR Data Request - [Request Type]"
Phone: Europe: +48.607.628.995 | USA: 651.717.0590
Mail: ChromaChecker Corporation, Attn: Privacy Team, 4324 Sanddollar Court, New Port Richey, FL 34652, USA.
What to Include in Your Request
- Full name (as registered)
- Email address
- Organization name (if applicable)
- Request type (access, correction, deletion, etc.)
- Specific details about data/action requested
- Proof of identity (where necessary)
Response Timeline
| Request Type | Standard Timeline | Extension |
|---|---|---|
| Access | 30 days | +60 days for complex/numerous requests |
| Rectification | 30 days | +60 days |
| Erasure | 30 days | +60 days |
| Portability | 30 days | +60 days |
| Objection | Without undue delay | — |
Acknowledgment provided within 3 business days.
Account Deletion Process
Complete Account Deletion
Upon deletion: personal data permanently deleted without undue delay; measurement data permanently deleted where qualifying as personal data; settings/preferences permanently deleted; backup copies purged within 60 days; billing records retained 7 years for legal compliance.
Warning: Deletion is irreversible; export data beforehand if needed.
Transferring Account Ownership
Log in as Main User → go to Manage Account → Transfer Ownership → enter new representative's details → new owner receives confirmation email → your personal data removed; organizational data preserved.
Staff Data (Accountability Inspector)
Organization's Responsibility
Employees' data added by organization means: organization is Data Controller for employment-related data; ChromaChecker is Data Processor following organization's instructions.
Your Options
- View/Edit: Use Operator app to view and correct data
- Deletion: Request through organization's Main User
- Complaint: Contact organization's HR/Privacy team first
For Main Users Managing Staff
Responsibilities include: informing employees about data processing; providing legal basis (employment contract, consent, etc.); removing inactive staff promptly; responding to employee data requests; complying with local labor and privacy laws.
Data Portability
Export data in these formats:
- Account information: JSON via Manage Account → Export Data
- Measurement data: CSV, JSON via Reports → Export
- Settings: JSON via Manage Account → Export Data
Special Categories
Deceased Users
Upon receiving death certificate and proof of authority: provide data access to authorized persons; delete account upon request; retain legally required records.
Minors
ChromaChecker is B2B only, not for individuals under 16. Discovered minor data is deleted immediately.
Cookie and Analytics Preferences
Rights related to cookies, analytics, and other consent-based tracking technologies are exercised exclusively through the cookie consent tools available on the website and are not handled through this GDPR data subject request process.
Complaints
Internal Resolution
Contact privacy@chromachecker.com. Resolution targeted within 30 days.
Supervisory Authorities
- EU: Local Data Protection Authority — https://edpb.europa.eu/about-edpb/about-edpb/members_en
- UK: Information Commissioner's Office (ICO) — https://ico.org.uk/make-a-complaint/
- USA: No federal DPA; state-specific options available (e.g., California AG for CCPA)
Data Protection Officer
ChromaChecker has not appointed formal DPO (not required under GDPR Art. 37). Privacy Team: privacy@chromachecker.com | Phone: 651.717.0590.
EU/UK Representatives
EU Representative (GDPR Art. 27)
Data Protection Representative Limited (DataRep)
The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland
Email: datarequest@datarep.com (quote "ChromaChecker Corporation")
Webform: www.datarep.com/data-request
Phone: +353 (1) 919 8899
UK Representative (UK GDPR Art. 27)
Data Protection Representative Limited (DataRep)
107-111 Fleet Street, London, EC4A 2AB, United Kingdom
Email: datarequest@datarep.com (quote "ChromaChecker Corporation")
Webform: www.datarep.com/data-request
Phone: +353 (1) 919 8899
Additional EU/EEA Contact Locations: DataRep maintains contact points in all 27 EU member states plus EEA countries, including Poland (Budynek Fronton, ul. Kamienna 21, Kraków, 31-403). Complete list: www.datarep.com.
© 2026 ChromaChecker Corporation. All rights reserved.
