GDPR Overview

Last Updated: 18/03/2022

  1. Background

      What is data privacy and data protection anyway?

      Data privacy and data protection both deal with the processing of data. Data protection focuses on protecting assets from unauthorized use, while data privacy defines who is authorized to access the data in the first place.

      One important difference is who controls which part. With data privacy, controls are mostly given to the user (in other words, the user can control which data is shared with whom), while data protection is mostly a company's responsibility.

      What is personal data?

      Personal data is defined as any data that can be linked back to a natural person. Everything you do online - from creating a Facebook account to posting a photo on Instagram - leaves a digital footprint. While it may seem small, it adds up and unprotected, an individual is vulnerable to having their personal data shared with third parties. Luckily, data privacy law focuses on ensuring an individual's rights are secure.

      What's General Data Protection Regulation (GDPR)?

      Today, data protection law impacts organizations and governments around the world. The EU implemented a higher protection threshold than most other countries with the introduction of General Data Protection Regulation (GDPR) in 2018. GDPR introduced changes to previous data protection and data privacy law, specifically around areas like consent, reporting obligations, internal procedures, accountability, and penalties.

      Does GDPR apply to me?

      Yes. GDPR applies to you too even if you are located outside of the EEA (European Economic Area). It applies to any business that a) markets their products to people in the EEA or b) monitors the behavior of people in the EEA. In other words, even if you’re based outside of the EEA, if you control or process the data of EU citizens, GDPR applies to you.

  2. FAQ

      How do I manage my data?

      1. See a list of our subprocessors in Annex 7.2. of our DPA.
      2. Ask us what kind of your personal data Niche Mates has stored.
      3. You can unsubscribe from all marketing emails by emailing us at
      4. Ask us to delete your personal data we may have stored.
      5. For any other GDPR related question, please reach out to us at

      Where is my data stored?

      Relationyst is hosted on The servers where Relationyst's data is stored are located in Frankfurt, Germany.

      What are the steps Relationyst has taken to ensure we are GDPR compliant?

      Relationyst was founded after GDPR came into effect. As a result, we have been focused on ensuring GDPR compliance from the beginning.

      We have signed DPAs with all of our third-party business providers (sub-processors). If you want to know more about these Data Processing Agreements, click here and go to Annex 7.2.

      If you are a business customer of Niche Mates, you can find our Data Processing Agreement here.

      Want to know more?

      1. Our Privacy Policy
      2. Our Data processing agreement
      3. Visit the Brandenburg Commissioner for data protection and freedom of information (in German)
      4. Visit the Federal Commissioner for data protection and freedom of information
      5. Visit the European Data Protection Supervisor
      6. Full text of General Data Protection Regulation


      This website is not legal advice for your company to use in complying with EU data privacy laws like the GDPR. Instead, it provides background information to help you better understand how Relationyst has coped with some important legal issues. This legal information is not the same as legal advice, where a legal professional applies the law to specific circumstances, so we insist that you consult a legal professional, if you’d like advice on your interpretation of this information or its accuracy. In a nutshell, you may not rely on this paper as legal advice.