GDPR Compliance

Wan Buffer Services as Controller — for data collected on the website (demo requests, partner enquiries, analytics) we determine the purposes and means of processing.

Wan Buffer Services as Processor — during an ERP engagement, the client is the controller of any personal data in their ERP. We process that data on their behalf, under a Data Processing Agreement (DPA).

• Consent — for marketing and non-essential analytics.
• Contract — to provide the service you have requested.
• Legitimate interests — to respond to business enquiries and improve the site, balanced against your rights.
• Legal obligation — to meet tax, regulatory, and audit requirements.

Under GDPR you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete data (“right to be forgotten”).
• Restrict or object to processing.
• Port your data to another provider.
• Withdraw consent at any time.
• Lodge a complaint with your local supervisory authority.

Email [email protected] to exercise any of these rights. We respond within 30 days.

For every engagement we sign a DPA that sets out sub-processors, security measures, breach notification, audit rights, and international transfer safeguards. A template DPA is available on request.

Where personal data moves outside the EEA we rely on Standard Contractual Clauses (SCCs) and, where required, supplementary measures such as pseudonymisation and encryption in transit.

If we become aware of a personal data breach affecting you, we notify the responsible controller without undue delay, and within 72 hours where feasible, in line with Article 33 GDPR.

Wan Buffer Services, Ahmedabad, India, with EU presence via our Paris office. Email [email protected] for any GDPR-related request.