Yes, Goelett is based and operates in EU and is obliged to act according to GDPR regulations. We are regularly performing Data Protection Impact Assessment. We have appointed DPO, we have made sure we can handle any Data Subject or Controller request, we have made sure we can properly report any personal data breach, we have signed Data Processing Agreements with all sub-processors, and we have documented all personal data processing activities based on regulations and best practices shared by French CNIL and Polish UODO. You can find our Privacy Policy published on our website.