GDPR Compliance
CorePath's commitment to the EU General Data Protection Regulation and your data rights.
Last updated January 12, 2026
01Our commitment
CorePath is built with privacy in mind. We process personal data lawfully, fairly, and transparently, and only for the purposes described in our Privacy Policy.
02Lawful basis for processing
We process personal data on the basis of performing our contract with you, your consent where applicable, and our legitimate interests in operating and improving the service.
03Your rights
If you are in the EU/EEA, you have the right to access, rectify, erase, restrict, and port your personal data, and to object to certain processing. You may exercise these rights at any time.
You also have the right to lodge a complaint with your local supervisory authority.
04Data processing & subprocessors
We act as a data processor for the content you store and as a controller for your account data. We maintain a list of subprocessors and bind them to GDPR-compliant terms. A Data Processing Agreement is available on request.
05International transfers
Where data is transferred outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses. Enterprise customers can request EU data residency.
06Exercising your rights
To make a data request or sign a DPA, contact our team and we will respond within the timeframes required by law.