Personal data processing

Hey there, fellow DPO/privacy & data protection enthusiast! ๐Ÿ‘‹

This notice is kept intentionally brief because of who's reading this, so don't use it as a template for your customers. ;)

Since you're GDPR savvy and already overwhelmed with limited time, I'll simply state that you're entitled to all GDPR rights, including access. Just reach out if you have any questions: your controller here is me, Rie Aleksandra Walle at

When you sign up for the DPO Hub you must share your email address, payment details, name, billing address and, if you're purchasing as a business, Tax ID number (for VAT purposes). The purpose is to give you access to the DPO Hub and the data is required if you want to subscribe. The legal basis is contract. This data is kept for as long as you subscribe, and then for 3,5 years for accounting obligations. I use Stripe to process your payment securely and they retain certain personal data to comply with legal obligations, such as anti-terrorism and anti-money laundering laws.

If you're a Founding Member and would like to receive the carefully put together welcome gift, you must also share your address. I'll then keep this for as long as I might send you something-something in snail mail. This is based on your consent and you can withdraw this at any time, after which I'll delete the data promptly, at the latest within a month.

Your email address is required to log in to the DPO Hub. You can also add your name. Once logged in, you can change these details yourself. Your email address is also used to send you news alerts but you can unsubscribe from these at any time.

The platform I've built the DPO Hub on allows for the following analytics: Newsletter opens and click, Member sources and Outbound link tagging. These are permanently disabled. Statistics showing when a member signed up, logged in and emails received cannot be disabled, however, and is as such considered as part of the contract (where the purpose is to fulfill the contract). If you cancel your subscription, your profile, and all related data, will be deleted within two months.

Finally, I use Fathom Analytics for website analytics, software that was built with privacy at the very core. Your IP address and User Agent are only processed in pseudonomised form for 24-48 hours (read more here). The purpose is to assess the use of the DPO Hub in the most privacy-friendly way as possible, for example which pages are the most visited. The legal basis is f), where my legitimate interest is to continually improve the DPO Hub.

Processors/recipients (including in a third country):

Again, if you have any questions or concerns, just email me!

Great! Next, complete checkout for full access to DPO Hub.
Welcome back! You've successfully signed in.
You've successfully subscribed to DPO Hub.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.