1. Data Protection Principles

We adhere to the following core data protection principles when processing your personal data:

• Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and in a transparent manner.
• Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes related to providing our text case conversion service.
• Data Minimization: We only collect and process personal data that is necessary for the purposes for which it is processed.
• Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date.
• Storage Limitation: Data is not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the personal data are processed.
• Integrity and Confidentiality: We process data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
• Accountability: We take responsibility for and are able to demonstrate compliance with these principles.

2. Types of Data We Process

We may process the following categories of personal data in connection with your use of CaseMagic:

• Input Data: The text you voluntarily input into our service for case conversion or AI-powered case suggestions.
• Identity & Contact Data (for feedback/inquiries): If you contact us (e.g., via the feedback form or contact page), this may include your name and email address.
• Technical Data: IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our service.
• Usage Data: Information about how you use our website and services, such as which features you use and how often.

3. Legal Basis for Processing

We process personal data on the following legal grounds:

• Consent: Where you have explicitly agreed to the processing (e.g., for submitting feedback with your contact details, or for the use of non-essential cookies).
• Performance of Contract (Terms of Service): Where processing is necessary for performing our service to you as outlined in our Terms of Service (e.g., processing your input text for conversion).
• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Where processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This includes improving our service, ensuring security, and analyzing usage.

4. Your Data Protection Rights

Under applicable data protection laws, you may have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller (where applicable).
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Rights Related to Automated Decision Making and Profiling: Not be subject to decisions based solely on automated processing that significantly affect you.

To exercise any of these rights, please contact us. See the "Contact Information" section below or visit our Contact Page.

5. Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data where feasible (e.g., HTTPS for data in transit).
• Regular security assessments.
• Access controls to limit access to personal data to authorized personnel.
• Procedures for handling data breaches.

While we strive to protect your personal data, please be aware that no security measures are perfect or impenetrable.

6. International Data Transfers

If we transfer your personal data outside your region (e.g., if our AI service providers are located in a different country), we will ensure that appropriate safeguards are in place to protect your data, such as by using Standard Contractual Clauses or relying on an adequacy decision, as required by applicable law.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, input text for conversion is generally processed ephemerally. Data related to feedback or inquiries may be kept longer to ensure resolution.

8. Data Protection Contact / Officer

For data protection inquiries or to exercise your rights, please contact us. While we may not have a formally appointed Data Protection Officer if not legally required, inquiries can be directed to:

Email: support@casemagic.barahico.com

Or, visit our Contact Page.

9. Complaints

If you are unsatisfied with our response to any data protection request or concern, you have the right to lodge a complaint with your local data protection supervisory authority. We would, however, appreciate the chance to address your concerns before you approach the authority, so please contact us in the first instance.