Data Protection & Compliance

Enterprise-grade security for your team's digital business cards

Book a Demo
GDPR Compliant

GDPR Compliant

Full compliance with EU data privacy standards

CCPA Compliant

CCPA Compliant

Compliant with California privacy regulations

End-to-End Encryption

End-to-End Encryption

All data encrypted in transit with TLS 1.3

In Progress
Audit-Ready Controls

Audit-Ready Controls

Security controls mapped to SOC 2 criteria — formal audit planned

How We Protect Your Data

Data Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3). No unencrypted data storage.

Access Controls

Role-based access control, multi-factor authentication, and session management for all accounts.

Data Residency

Data hosted in EU-based data centers. Talk to our team about specific residency requirements.

Right to Erasure

Complete data deletion on request. GDPR Article 17 right to be forgotten fully supported.

Data Portability

Export all your data at any time in standard formats. No vendor lock-in.

Breach Notification

72-hour breach notification as required by GDPR. Transparent incident communication.

Our Privacy Commitments

  • We never sell your data or your contacts' data to third parties
  • We collect only what's necessary to provide our service
  • You retain full ownership of all content you create
  • We provide complete transparency in our data processing
  • Regular third-party security audits
Read our Privacy PolicyRead our Terms of Service

Frequently Asked Questions

Is Lynqu GDPR compliant?

Yes. Lynqu fully complies with the EU General Data Protection Regulation. We process data under lawful bases, honor data subject rights including the right to erasure, and maintain a Data Processing Agreement (DPA) available upon request.

What data does Lynqu encrypt?

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. This includes contact information, card designs, analytics data, and user credentials. Encryption keys are managed with automated rotation policies.

Where is my data stored?

Lynqu data is hosted in EU-based data centers operated by established cloud providers. Enterprise customers can discuss specific data residency requirements with our team.

Can I delete all my organization's data?

Yes. Organization administrators can request complete data deletion at any time. We process deletion requests within 30 days as required by GDPR Article 17, and provide confirmation once complete.

Do you offer a Data Processing Agreement?

Yes. A standard DPA is available for all Business and Enterprise customers. Contact our sales team to request a signed DPA or to review our sub-processor list.

Don't take our word for it

Ask any AI about Lynqu

Get an unbiased breakdown from the AI you already trust. One click — your question is pre-filled.

Ask ChatGPTAsk ClaudeAsk Perplexity

Opens a new tab with your question pre-filled.

Ready to get started with enterprise security?

Get a Demo
In Practice

Controls Built for Procurement Reviews

Three common procurement-review scenarios and the Lynqu controls that apply to each. Contact our team to request specific documentation.

EU Procurement

GDPR, DPA, and EU data residency

Example scenario: an EU-based organization needs GDPR-aligned processing, a signed DPA with a clear sub-processor list, and documented breach notification within 72 hours. Lynqu provides EU-hosted infrastructure, a Data Processing Agreement available on request, and notifies customers of sub-processor changes before they take effect.

EU

EU-hosted infrastructure

72h

Breach notification

DPA

Available on request

SOC 2 Audit Prep

Evidence for CC6 access controls

Example scenario: an organization going through a SOC 2 Type II audit needs evidence for common criteria CC6.1, CC6.2, and CC6.3. Lynqu exports a full audit log — logins, card edits, permission changes, data exports — with actor, timestamp, and IP. The CSV can be handed directly to auditors or streamed into your SIEM.

CC6

Controls covered

CSV

Audit log export

SIEM

Stream-ready

Healthcare-Adjacent

Public contact info without touching PHI

Example scenario: a healthcare-adjacent organization wants patient-facing QR cards without exposing protected health information. Lynqu's privacy modes keep the card surface public-only: card pages carry contact details and appointment links, all PHI stays in the practice management system, and the integration layer never transmits HIPAA-classified fields.

0

PHI on cards

3

Privacy modes

Public

Card surface only

Explore next

Team Management

Manage branded cards for your entire team from one dashboard.

Explore Team Management