GDPR and Data Compliance

GDPR and Data Compliance

At Tiny API, we take data privacy and security very seriously. We are committed to ensuring that our product complies with the General Data Protection Regulation (GDPR) and other relevant data protection laws. This page outlines our approach to GDPR compliance and how we help our users maintain data privacy.

Compliance with GDPR

The GDPR is a comprehensive data protection law that aims to strengthen the rights of individuals within the European Union (EU) concerning their personal data. It also aims to simplify the regulatory environment for international businesses by unifying data protection regulations within the EU.

Tiny API has implemented the following measures to ensure compliance with GDPR:

Data Processing Agreement

We offer a Data Processing Agreement (DPA) to our customers who process personal data on behalf of EU citizens. The DPA outlines our commitment to protect personal data in compliance with GDPR. To request a DPA, please contact our support team at

Data Protection by Design and by Default

Tiny API has incorporated data protection principles into the design and development of our product. We minimize the amount of personal data we collect and process, ensuring that only necessary data is used for the intended purpose.

Data Security Measures

We have implemented strong security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include encryption, access controls, and regular security audits.

Data Subject Rights

As a data processor, Tiny API is committed to helping our customers fulfill their obligations related to Data Subject Rights under GDPR. We provide tools and processes to assist our customers in responding to data subject requests, such as:

  • Right to access: Users can access their personal data processed by Tiny API through their account settings.
  • Right to rectification: Users can update their personal data in their account settings or by contacting our support team.
  • Right to erasure: Users can request the deletion of their personal data by contacting our support team.
  • Right to data portability: Users can request a copy of their personal data in a machine-readable format by contacting our support team.
  • Right to object and restrict processing: Users can adjust their account settings to limit the processing of their personal data or contact our support team for assistance.

Data Retention Policy

Tiny API retains personal data for as long as necessary to provide our services and fulfill our legal obligations. When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention policy.

Contact Us

If you have any questions or concerns about our GDPR and Data Compliance, please feel free to reach out to our Data Protection Officer at