The General Data Protection Regulation (GDPR) is an EU regulation that gives individuals in the European Economic Area (EEA) strong rights over how their personal data is collected, used, and shared. At Yuusk, we are fully committed to complying with GDPR and ensuring your data is handled with care and transparency.
This page explains your specific rights under GDPR and how to exercise them. For a broader overview of how we handle your data, please read our Privacy Policy.
1. Your Rights Under GDPR
As a data subject, you have the following rights with respect to your personal data:
Right of Access (Article 15)
You have the right to request a copy of all personal data we hold about you, the purposes for which it is processed, how long it is retained, and who it is shared with. We will respond to access requests within 30 days.
Right to Rectification (Article 16)
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. You can update most profile information directly in your account settings.
Right to Erasure (Article 17)
Also known as the "right to be forgotten." You can request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes it was collected, or when you withdraw consent. See our Data Deletion page for full details.
Right to Restrict Processing (Article 18)
You can request that we limit how we process your data — for example, while we investigate a rectification request, or if you object to processing and we are determining whether our legitimate interests override yours.
Right to Data Portability (Article 20)
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a structured, commonly used, machine-readable format (e.g., JSON or CSV) and to transmit it to another controller.
Right to Object (Article 21)
You have the right to object to processing of your personal data where we rely on legitimate interests as our legal basis. We will stop processing unless we can demonstrate compelling legitimate grounds that override your rights, or if the processing is for legal claims.
Rights Related to Automated Decision-Making (Article 22)
You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal or similarly significant effects on you. Yuusk does not currently make any fully automated decisions of this nature.
Right to Withdraw Consent
Where our processing is based on consent (for example, optional marketing emails or analytics cookies), you can withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
2. Our Legal Basis for Processing
We process different categories of your personal data on different legal bases:
- Contract performance: creating and operating your account, enabling matching features, sending transactional emails;
- Consent: sending marketing communications, optional analytics cookies, processing special category data (e.g., data inferred from your profile such as gender or nationality);
- Legitimate interests: fraud prevention, platform security, improving service quality, analytics — balanced against your fundamental rights;
- Legal obligation: retaining certain records as required by applicable law, cooperating with lawful regulatory requests.
3. Special Category Data
Yuusk is a private membership service for personal connections, and some information you provide — such as your gender, preferences implied by the type of members you seek, or your nationality — may constitute special category data under Article 9 of GDPR. We process this data only with your explicit consent, given when you complete your profile, for the sole purpose of providing the Service.
You can withdraw consent for this processing at any time by deleting your profile information or closing your account.
4. Automated Decision-Making
Yuusk may use automated algorithms to suggest potential matches based on profile data, location, and preferences. These suggestions do not produce legal or binding effects — they are recommendations only, and you are always free to accept, ignore, or report any suggested match. You retain full control over your interactions on the platform.
Security systems may also detect spam, abusive patterns, unusual logins or payment risk. These systems help us prioritise review and protect members, but they do not replace your right to contact us if you believe an action affecting your account is incorrect.
5. International Data Transfers
Your personal data may be stored and processed in countries outside the EEA, including on servers operated by our infrastructure partners. We ensure that all such transfers are protected by:
- Standard Contractual Clauses (SCCs) approved by the European Commission;
- Adequacy decisions made by the European Commission for certain countries;
- Binding Corporate Rules or other recognised transfer mechanisms where applicable.
For information about specific transfers, contact us at [email protected].
6. Identity Verification and Response Times
To protect your account, we may ask you to confirm control of the email address connected to your account or provide additional information that lets us identify the correct records. We do not ask for more information than is reasonably necessary for the request.
We normally respond within 30 days after receiving a verified request. If a request is complex or you submit multiple requests at the same time, GDPR allows us to extend the response period by up to 60 additional days. If that happens, we will tell you why and when you can expect the final response.
7. When Rights May Be Limited
Some rights are not absolute. We may refuse or limit a request where the law allows or requires us to do so, including where data is needed for fraud prevention, payment disputes, legal claims, tax records, safety investigations, abuse prevention or protection of another member's rights and freedoms.
If we cannot complete a request exactly as submitted, we will explain the reason unless we are legally restricted from doing so. You can still contact a supervisory authority if you disagree with our response.
8. How to Exercise Your Rights
To submit any GDPR request, email us at [email protected] with the subject line containing the relevant right (e.g., "Right of Access Request" or "Erasure Request"). Please include:
- Your full name and the email address associated with your account;
- A description of the specific right you wish to exercise;
- Any relevant details that help us locate your records.
We will acknowledge your request within 3 business days and respond fully within 30 days. In complex cases, we may extend this by a further 60 days — we will inform you if this is necessary.
We may request proof of identity before processing certain requests to protect against fraudulent submissions.
9. Complaints
If you believe we have not handled your personal data in compliance with GDPR, you have the right to lodge a complaint with a supervisory authority. In the European Union, this is typically the data protection authority of the EU member state where you reside, work, or where the alleged infringement took place. You can also complain to the supervisory authority of the country where we are established.
We encourage you to contact us first at [email protected] — we take all concerns seriously and will do our best to resolve them directly.
10. Contact Our Data Protection Team
For any GDPR-related matter, please reach out to our data protection team:
- Email: [email protected]
- Privacy enquiries: [email protected]
- Via our Contact page (put "GDPR" in the subject)
Legal entity
Yuusk LLC
1201 Geneva, 1, place des Alpes, Switzerland
Switzerland