🎉 Start free today - upgrade only when you grow! Use coupon code SHIPFAST for 10% off paid plans

Heysheet Logo
heysheet

GDPR Compliance Policy

Last Updated: 8/13/2025

HeySheet ("we," "us," or "our") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This document explains how we collect, use, and protect your personal data.

Contact Information

Data Controller: HeySheet
Email: support@heysheet.in
Website: https://heysheet.in

What Data We Collect

We collect the following types of personal data:

  • Account Information: Name, email address, username, and encrypted password when you create an account
  • Usage Data: IP address, browser type, device information, and how you interact with our service
  • Spreadsheet Content: The data you create, upload, or store in your spreadsheets
  • Communication Data: Messages you send us through support or contact forms
  • Payment Information: Billing details (processed securely through third-party payment processors)

How We Use Your Data

We use your personal data to:

  • Provide and maintain our spreadsheet services
  • Manage your account and authenticate your access
  • Respond to your questions and provide customer support
  • Improve our services and fix technical issues
  • Send important service updates and notifications
  • Protect against fraud and ensure security
  • Comply with legal obligations

Legal Basis for Processing

We process your data based on:

  • Contract: To provide our services as agreed
  • Consent: When you give us permission for specific uses
  • Legitimate Interest: To operate and improve our business
  • Legal Obligation: To comply with applicable laws

Data Sharing

We do not sell your personal data. We only share data with trusted third parties who help us operate our service, such as:

  • Cloud hosting providers for data storage
  • Payment processors for handling transactions
  • Analytics services to understand how our service is used
  • Legal authorities when required by law

All third parties are contractually required to protect your data and use it only for the purposes we specify.

Your GDPR Rights

Under the GDPR, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can ask us to correct any inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You can request that we delete your personal data in certain circumstances.

Right to Restrict Processing

You can ask us to limit how we use your data in specific situations.

Right to Data Portability

You can request your data in a format that allows you to transfer it to another service.

Right to Object

You can object to certain types of data processing, including direct marketing.

How to Exercise Your Rights

To use any of these rights:

  1. Email us at support@heysheet.in
  2. Include "GDPR Request" in the subject line
  3. Provide your account details for verification
  4. Clearly state which right you want to exercise

We will respond to your request within one month. For complex requests, we may extend this by up to two additional months.

Data Security

We protect your data using:

  • Encryption for data transmission and storage
  • Secure access controls and authentication
  • Regular security updates and monitoring
  • Staff training on data protection practices
  • Backup and recovery procedures

Data Retention

We keep your data for as long as:

  • Your account remains active
  • Required to provide our services
  • Necessary for legal compliance

When you delete your account, we will delete your personal data within 30 days, except where we must retain it for legal reasons.

International Data Transfers

If we transfer your data outside the European Union, we ensure it receives adequate protection through approved safeguards such as Standard Contractual Clauses or transfers to countries with adequacy decisions.

Cookies

We use cookies and similar technologies to provide essential functionality, analyze usage, and remember your preferences. You can manage cookie settings in your browser. For more details, see our Cookie Policy.

Data Processing Agreement (DPA)

Business customers who need a Data Processing Agreement can request one by contacting us at support@heysheet.in. Our DPA covers data processing terms, security measures, and compliance requirements.

Data Breaches

In the unlikely event of a data breach that could affect your rights:

  • We will notify relevant authorities within 72 hours
  • We will inform affected users without undue delay
  • We will provide clear information about what happened and what we're doing about it

Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal data from children. If we discover we have collected such data, we will delete it promptly.

Updates to This Policy

We may update this policy from time to time. When we make significant changes, we will notify you by email or through our website. The "Last Updated" date at the top of this page shows when the policy was last revised.

Complaints

If you believe we have not handled your personal data properly, you can:

  • Contact us directly at support@heysheet.in
  • File a complaint with your local data protection authority

You can find contact information for EU data protection authorities at: https://edpb.europa.eu/about-edpb/board/members_en

Our Commitment

As a small business, we take data protection seriously. We regularly review our practices to ensure we handle your personal data responsibly and in compliance with GDPR requirements. Our team is trained on privacy principles, and we implement appropriate security measures to protect your information.

Questions?

If you have any questions about this GDPR policy or how we handle your data, please don't hesitate to contact us at support@heysheet.in. We're here to help and will respond to your inquiry within 48 hours.