GDPR Compliance

Your data protection rights matter.

Last Updated: April 10, 2026

Unleashed Podcasts ("we," "our," or "us") is committed to protecting the privacy and personal data of individuals in the European Economic Area (EEA), United Kingdom, and Switzerland. This GDPR Policy explains how we comply with the General Data Protection Regulation (GDPR) and your rights under this regulation.

Important: This GDPR Policy supplements our Privacy Policy. If you are located in the EEA, UK, or Switzerland, this policy provides additional information about your specific rights under GDPR.

1. What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It applies to organizations that:

  • Are established in the European Economic Area (EEA)
  • Offer goods or services to individuals in the EEA
  • Monitor the behavior of individuals in the EEA

The GDPR strengthens data protection rights and gives individuals greater control over their personal data.

2. Our Role Under GDPR

For the purposes of GDPR, Unleashed Podcasts acts as a Data Controller for the personal data we collect and process through our platform. This means we determine the purposes and means of processing your personal data.

In some cases, we may also act as a Data Processor when processing data on behalf of our users who create and manage podcast content.

3. Legal Basis for Processing

We only process your personal data when we have a legal basis to do so. Under GDPR, we rely on the following legal bases:

Legal Basis When We Use It Examples
Consent When you have given clear consent for us to process your data for a specific purpose Marketing emails, cookies (non-essential), newsletter subscriptions
Contract When processing is necessary to fulfill our contract with you Account creation, service delivery, payment processing, customer support
Legal Obligation When we must process data to comply with legal requirements Tax records, fraud prevention, regulatory compliance
Legitimate Interests When processing is necessary for our legitimate business interests (balanced against your rights) Analytics, security monitoring, service improvement, fraud detection

4. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

4.1 Right to Access (Article 15)

You have the right to request confirmation of whether we process your personal data and, if so, to access that data. You can request:

  • What personal data we hold about you
  • The purposes of processing
  • The categories of data we process
  • Who we share your data with
  • How long we retain your data
  • Information about your other rights

4.2 Right to Rectification (Article 16)

You have the right to correct inaccurate or incomplete personal data. You can update most of your information directly through your account settings, or contact us for assistance.

4.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request deletion of your personal data when:

  • The data is no longer necessary for the purposes it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased to comply with a legal obligation

Note: This right is not absolute. We may need to retain certain data for legal compliance, defense of legal claims, or other legitimate reasons.

4.4 Right to Restriction of Processing (Article 18)

You have the right to request that we limit how we use your data when:

  • You contest the accuracy of the data (during verification)
  • Processing is unlawful but you don't want the data deleted
  • We no longer need the data but you need it for legal claims
  • You have objected to processing (pending verification of our legitimate grounds)

4.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transmit this data directly to another service provider where technically feasible.

This right applies when:

  • Processing is based on consent or contract
  • Processing is carried out by automated means

4.6 Right to Object (Article 21)

You have the right to object to processing of your personal data when:

  • Direct Marketing: You can object at any time to processing for direct marketing purposes
  • Legitimate Interests: You can object to processing based on legitimate interests, and we must stop unless we can demonstrate compelling legitimate grounds

4.7 Rights Related to Automated Decision-Making and Profiling (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or similarly significantly affect you.

Note: Currently, Unleashed Podcasts does not engage in automated decision-making or profiling that produces legal or similarly significant effects.

4.8 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

5. How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

Email: privacy@unleashedpodcasts.com

Subject Line: "GDPR Rights Request - [Type of Request]"

Include: Your name, email address, account information (if applicable), and specific details about your request

We will respond to your request within one month of receipt. In complex cases, we may extend this by up to two additional months and will inform you of the extension and reasons.

5.1 Verification

To protect your privacy, we may need to verify your identity before processing your request. We may ask for additional information to confirm you are the person whose data is being requested.

5.2 No Fee

Exercising your GDPR rights is generally free of charge. However, we may charge a reasonable fee or refuse to act on a request if it is manifestly unfounded, excessive, or repetitive.

6. Data Protection Principles

We adhere to the following GDPR data protection principles:

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose Limitation: We collect data for specified, explicit, and legitimate purposes only
  • Data Minimization: We collect only the data that is adequate, relevant, and necessary
  • Accuracy: We keep personal data accurate and up to date
  • Storage Limitation: We retain data only as long as necessary for the purposes collected
  • Integrity and Confidentiality: We implement appropriate security measures to protect data
  • Accountability: We are responsible for and can demonstrate compliance with these principles

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the EEA, UK, or Switzerland. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries that the European Commission has deemed to provide adequate protection
  • Standard Contractual Clauses (SCCs): Use of EU-approved contractual terms that provide data protection guarantees
  • Other Safeguards: Additional measures to ensure data protection in accordance with GDPR

For more information about our international data transfers and safeguards, please contact us at privacy@unleashedpodcasts.com.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account Data: Retained while your account is active and for 90 days after account deletion
  • Billing Records: Retained for 7 years to comply with tax and accounting requirements
  • Marketing Data: Retained until you unsubscribe or withdraw consent
  • Security Logs: Retained for up to 2 years for security and fraud prevention

After the retention period expires, we will delete or anonymize your personal data in accordance with our data retention policies.

9. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us immediately.

10. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights
  • Provide information about the nature of the breach, potential consequences, and measures taken

11. Data Protection Officer

For questions about our GDPR compliance or to exercise your rights, you can contact our Data Protection team:

Email: dpo@unleashedpodcasts.com

General Privacy Inquiries: privacy@unleashedpodcasts.com

12. Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority.

12.1 EU/EEA Supervisory Authorities

You can find your local data protection authority at: https://edpb.europa.eu/about-edpb/board/members_en

12.2 UK Supervisory Authority

Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113

12.3 Switzerland Supervisory Authority

Federal Data Protection and Information Commissioner (FDPIC)
Website: https://www.edoeb.admin.ch

While you have the right to lodge a complaint with a supervisory authority, we encourage you to contact us first so we can address your concerns directly.

13. Updates to This Policy

We may update this GDPR Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending email notification to registered users in the EEA, UK, and Switzerland
  • Displaying a prominent notice on our platform

14. Additional Resources

For more information about how we handle your personal data, please refer to:

15. Contact Us

If you have questions about this GDPR Policy or wish to exercise your rights, please contact us:

Data Protection Officer: dpo@unleashedpodcasts.com

General Privacy Inquiries: privacy@unleashedpodcasts.com

Support: Contact Us Form

Unleashed Podcasts is committed to protecting your privacy and ensuring compliance with GDPR. We respect your rights and will respond to all legitimate requests in accordance with applicable law.