Compliance

GDPR Compliance

How Demand Sharks aligns with the EU General Data Protection Regulation across marketing operations and client-delivery services.

Last updated: July 1, 2026

Lawful basis

Demand Sharks processes personal data on two lawful bases: (a) consent, for lead generation touchpoints where the data subject has explicitly opted in, and (b) legitimate interest, for the operation of our marketing website and inbound inquiry response.

Double opt-in

Every lead delivered through our lead generation services is captured via a first-party opt-in form on a publisher, event, or content property, with a verifiable timestamp and source URL retained as evidence of consent.

Data Processing Agreements

Demand Sharks provides standard Data Processing Agreements (DPAs) to all EU and UK clients on request. Custom DPAs can be negotiated for enterprise procurement.

International transfers

Where personal data is transferred outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses (SCCs) as the transfer mechanism.

Data subject rights

EU and UK data subjects may exercise their rights of access, rectification, erasure, restriction, portability, and objection at any time by contacting dpo@demand-sharks.com. We respond within 30 calendar days.

Data Protection Officer

Contact our DPO at dpo@demand-sharks.com.