GDPR Compliance

Effective Date: March 1, 2026

Thora Solutions LLC is committed to protecting the privacy and rights of individuals in accordance with the General Data Protection Regulation (GDPR). This page outlines our data protection practices and your rights as a data subject.

Data Protection Officer

For all GDPR-related inquiries, you may contact our Data Protection Officer at:

Thora Solutions LLC

Data Protection Officer

Email: contact@thora.solutions

Your Rights Under GDPR

Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this within 30 days of your request.

Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request deletion of your personal data when it is no longer necessary for the purpose it was collected, or when you withdraw consent.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Restriction

You have the right to request that we restrict the processing of your personal data under certain circumstances, such as when you contest the accuracy of the data.

Right to Object

You have the right to object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

Data Processing Activities

We process personal data for the following purposes:

  • Website analytics: Aggregated, anonymized usage data via Google Analytics 4 (legitimate interest)
  • Contact form submissions: Name, email, company, and message content (consent)
  • Newsletter subscriptions: Email address (consent, with opt-out in every email)
  • Client engagements: Business contact information and project data (contractual necessity)

Cross-Border Data Transfers

Thora Solutions is based in the United States. If you are located in the European Economic Area (EEA), your personal data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission. Our cloud infrastructure providers (AWS, Vercel) maintain EU-US data transfer compliance through similar mechanisms.

How to Exercise Your Rights

To exercise any of your GDPR rights, please submit a request to contact@thora.solutions with the subject line “GDPR Request.” We will:

  • Verify your identity before processing the request
  • Respond within 30 days of receiving your request
  • Provide the requested action free of charge (unless requests are manifestly unfounded or excessive)

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.