# GDPR & International Compliance

## GDPR Principles We Follow
- Data minimization
- Purpose limitation
- Transparency
- Security by design

## Client Controls
- Ability to delete services and data via portal
- Data Export feature for Enterprise tier
- Consent-based data collection

## Other Regulations
- HIPAA (for health-related services)
- ISO/IEC 27001-aligned practices (internal only)
- Data processing agreement (DPA) available on request