Hubeu logo
Hubeu
GDPR Compliance Journey

GDPR Compliance at Hubeu

Your data protection rights matter. Here's our transparent approach to GDPR compliance and how we're building privacy protection into our platform.

Implementation Status: Hubeu is actively implementing GDPR compliance features. This page reflects our current capabilities and roadmap toward full compliance.

Current GDPR Implementation Status

Transparent reporting on our data protection capabilities

Operational
EU Data Residency
All data stored and processed within European Union borders
In Progress
Data Rights Tools
Building user controls for data access, export, and deletion
Planned
Full Compliance
Complete GDPR implementation targeted for 2026
Data We Currently Collect
Information collected during early platform operation

Essential Account Data

Email address and authentication credentials for platform access via Supabase Auth.

Deployment Information

Application code, build logs, and deployment configurations for your hosted projects.

Technical Logs

Basic server logs for platform operation and troubleshooting (IP addresses, timestamps).

Note: Our data collection is currently minimal and focused on essential platform operation. We're building comprehensive data mapping as part of our GDPR implementation.

Your GDPR Rights Implementation
Current capabilities and planned features for data protection rights

Right to Access

Manual

Contact support for data access requests. Self-service tools in development.

Right to Rectification

Available

Update account information through your dashboard settings.

Right to Erasure

In Progress

Account deletion available via support. Automated tools being built.

Right to Portability

Planned

Data export tools planned for Q1 2026.

Right to Restrict

Limited

Account deactivation available. Granular controls being developed.

Right to Object

Planned

Opt-out mechanisms for non-essential processing coming 2026.

Current Data Security Measures
Security protections currently operational

Transport Encryption

Active

HTTPS/TLS 1.2+ for all web traffic and API communications.

Database Encryption

Active

Supabase-managed encryption at rest for all stored data.

EU Data Centers

Active

Hetzner (Germany) and Scaleway (France) infrastructure only.

Access Controls

Basic

JWT authentication with role-based access. MFA being implemented.

Legal Basis for Data Processing
Why and how we process your personal data

Service Provision (Article 6(1)(b))

Processing necessary to provide cloud hosting and deployment services under our Terms of Service.

Legitimate Interest (Article 6(1)(f))

Platform security, fraud prevention, and service improvement within reasonable expectations.

Consent (Article 6(1)(a))

Optional features like marketing communications (when implemented) with explicit opt-in consent.

GDPR Compliance Roadmap
Our planned implementation timeline

Q4 2025 - Foundation

Data Processing Agreements with providers, basic audit logging, privacy policy updates.

Q1-Q2 2026 - User Rights

Self-service data access, export tools, automated deletion, consent management.

Q3-Q4 2026 - Full Compliance

Breach notification system, Data Protection Officer, compliance audit, certification.

Exercise Your Rights
Contact us for data protection requests or questions
privacy@hubeu.com

We aim to respond to all data protection requests within 30 days

Contact SupportPrivacy Policy

Last updated: October 2025 | This page is updated as we implement new GDPR features
Next scheduled update: January 2026 (Q4 2025 implementation review)