GDPR Compliance

Last updated: 16 March 2026 · Regulation (EU) 2016/679
DIDfarm is incorporated in the Netherlands and is subject to the General Data Protection Regulation (GDPR). We are committed to full compliance and transparent data practices.

Overview

DIDfarm BV acts as a data controller for personal data collected when you register, purchase numbers, and use our platform. Where we engage third-party processors (e.g. Stripe, Telnyx), we act as data controller and they act as data processors under our instruction.

Lawful Basis for Processing

  • Contract performance — processing your order, provisioning numbers, billing
  • Legal obligation — KYC, telecommunications regulations, tax compliance
  • Legitimate interests — fraud prevention, platform security, service improvement
  • Consent — marketing emails (opt-in only, withdrawable at any time)

Your Rights Under GDPR

As an EU/EEA resident you have the following rights, exercisable at any time:

  • Right of access (Article 15) — obtain a copy of your personal data
  • Right to rectification (Article 16) — correct inaccurate data
  • Right to erasure (Article 17) — request deletion ("right to be forgotten")
  • Right to restriction (Article 18) — limit how we process your data
  • Right to data portability (Article 20) — receive your data in machine-readable format
  • Right to object (Article 21) — object to processing based on legitimate interests
  • Rights related to automated decision-making (Article 22) — we do not make solely automated decisions with legal effects

To exercise any right, email privacy@didfarm.com or use the Data & Privacy section in your account settings. We respond within 30 days.

You have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Netherlands) or your local supervisory authority.

International Data Transfers

Where personal data is transferred outside the EEA (e.g. to US-based processors such as Stripe), we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission under Article 46(2)(c) GDPR. All processors are bound by Data Processing Agreements.

Data Processing Agreement

If you are a business customer and require a Data Processing Agreement (DPA) for your own GDPR compliance, please contact us at privacy@didfarm.com. We will provide a signed DPA within 5 business days.

Data Protection Contact

For all GDPR-related enquiries:
Email: privacy@didfarm.com
Post: DIDfarm BV, Tilburg, Netherlands
Response time: Within 72 hours for urgent matters, 30 days for all requests