Gexzen – GDPR Compilance

GDPR Compliance

Last updated: April 2025

At Gexzen, data protection and privacy are fundamental to how we operate. This page explains our approach to GDPR compliance and how we process personal data responsibly, lawfully, and transparently.


1. Our Commitment to GDPR

Gexzen is committed to complying with the General Data Protection Regulation (GDPR) and its core principles:

  • Lawfulness, fairness, and transparency

  • Purpose limitation

  • Data minimization

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality

These principles are applied across all data processing activities, including B2B data research, outbound execution, and qualified sales meeting generation.


2. Role Under GDPR

Depending on the context, Gexzen may act as:

Data Processor

When processing personal data on behalf of clients for services such as:

  • Custom B2B data research

  • Outbound campaign execution

  • Qualified sales meeting generation

Data Controller

When processing personal data for our own business purposes, such as:

  • Website inquiries

  • Client communication

  • Service administration and billing


3. Lawful Basis for Processing

We process personal data under one or more of the following legal bases:

  • Legitimate Interest — for B2B outreach activities involving professional contact information

  • Contractual Necessity — to deliver services requested by clients

  • Legal Obligation — where required by applicable law

We do not intentionally process special categories of personal data (sensitive data).


4. Types of Data We Process

The types of personal data processed by Gexzen may include:

  • Business contact details (name, job title, company)

  • Professional email addresses

  • Business-related publicly available information

All data is processed strictly in a B2B context and is used for professional outreach and sales communication purposes only.


5. Data Sources

Where applicable, data processed by Gexzen may originate from:

  • Publicly available business information sources

  • Professional directories and platforms

  • Client-provided targeting criteria

All data is used strictly for legitimate B2B purposes, including outbound communication and sales meeting generation.


6. Data Subject Rights

In accordance with GDPR, individuals may have the right to:

  • Access their personal data

  • Request correction of inaccurate data

  • Request deletion or restriction of processing

  • Object to processing based on legitimate interest

Requests can be submitted via email and will be handled in accordance with applicable GDPR timelines.

📧 gdpr@gexzen.com


7. Data Security

We implement appropriate technical and organizational measures to protect personal data against:

  • Unauthorized access

  • Loss, misuse, or alteration

  • Unauthorized disclosure

While we take all reasonable precautions, no system can guarantee absolute security.


8. International Data Transfers

Where applicable, personal data may be processed or stored outside the European Economic Area (EEA). In such cases, appropriate safeguards are implemented in accordance with GDPR requirements.


9. Updates to This Policy

We may update this GDPR Compliance statement from time to time. Any changes will be posted on this page with an updated revision date.


10. Contact

For any questions regarding data protection or GDPR compliance, please contact:

📧 gdpr@gexzen.com