Logo

GDPR Compliance

Last updated: 02/07/2026

Learn how Shadcn Search complies with the General Data Protection Regulation (GDPR) to protect the personal data of EU/EEA residents.

Overview

At Shadcn Search (the "Company", "we", "us", or "our"), we are committed to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 when processing personal data of individuals located in the European Union ("EU") or European Economic Area ("EEA").

This GDPR Compliance Statement outlines how we collect, use, process, store, and disclose your personal data in accordance with the GDPR when you use our search, discovery, account, and related services.

This statement applies specifically to the personal data of EU/EEA residents who use our search platform and related services.

Data Controller & Scope

The entity responsible for deciding how your personal data is processed ("Data Controller") is Shadcn Search.

Scope of Application

This statement applies to all personal data processing activities related to EU/EEA residents who use our Service, including account access, search functionality, saved preferences, analytics, support, and optional billing features.

Geographic Scope

These protections apply regardless of where the data processing takes place, as long as you are an EU/EEA resident using our services.

Legal Basis for Processing

We process personal data under the following GDPR-compliant legal bases:

Consent

When you have explicitly provided your consent, such as opting into non-essential cookies, communications, or other optional features.

Contractual Necessity

To provide and manage your account, deliver search and discovery features, process subscriptions or purchases where applicable, and provide the Service in accordance with our Terms of Service.

Legal Obligation

To comply with legal requirements such as financial regulations, tax obligations, and law enforcement requests.

Legitimate Interests

To protect our business interests, such as improving search quality, measuring performance, preventing fraud, ensuring security, maintaining reliability, and providing customer support. We always balance our legitimate interests against your rights and freedoms.

Personal Data We Process

For complete details on what personal data we collect and how we use it, please see our Privacy Policy. In summary, we may collect:

Contact details (name, email address, profile information)

Account information (login credentials, account preferences)

Search queries, saved items, favorites, or other product interactions

Payment details processed through secure third-party processors

Usage data and analytics (IP address, device information, usage patterns)

Technical data necessary for search, security, performance, and service delivery

We only collect and process personal data that is relevant, adequate, and limited to what is necessary for providing and improving our Service.

Your GDPR Rights

As an EU/EEA resident, you have the following rights regarding your personal data under the GDPR:

Right to be Informed

You have the right to be informed about how your personal data is collected and used

Right of Access

You can request a copy of the personal data we hold about you

Right to Rectification

You can request that we correct any inaccuracies in your personal data

Right to Erasure ('Right to be Forgotten')

You can request that we delete your personal data under certain conditions

Right to Restrict Processing

You can request that we limit the way in which we use your personal data

Right to Data Portability

You can request to receive your personal data in a structured, commonly used, and machine-readable format

Right to Object

You can object to the processing of your personal data under certain circumstances, such as direct marketing

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects

How to Exercise Your Rights: To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within one month, or sooner where feasible.

International Data Transfers

We may transfer your personal data to countries outside the EU/EEA where we or our service providers operate hosting, authentication, analytics, search, database, payment, or support infrastructure. When doing so, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs)

We incorporate SCCs approved by the European Commission for transfers to third countries, ensuring your data receives adequate protection.

Adequacy Decisions

Where the European Commission has determined that a non-EU country ensures adequate data protection, we may rely on such decisions for transfers.

Additional Safeguards

Our service providers may maintain additional safeguards such as Binding Corporate Rules to ensure consistent protection of your data.

If you would like more information on the specific mechanisms used to transfer your personal data, please contact us using the details below.

Search & Service Processing

Our Service involves specific processing activities that we want to make transparent:

Search and Discovery

We may process search queries, filters, page interactions, and saved resources to return relevant results, improve ranking, and make the Service easier to use.

Recommendations and Ranking

Search ranking, sorting, and recommendations may be automated. These features are designed to organize results and do not produce legal or similarly significant effects on you.

Preferences and Saved Data

If you use account features, we may retain saved resources, preferences, and related activity for as long as needed to provide those features or until deletion is requested.

Data Retention & Security

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy and to comply with our legal obligations. Specific retention periods include:

Account data: While your account is active plus reasonable period after closure

Saved searches, favorites, and preferences: While needed to provide account features unless deletion is requested

Analytics and technical logs: Retained for a limited period to maintain security, reliability, and product performance

Security Measures

We implement appropriate technical and organizational security measures to safeguard your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access:

Encryption of data in transit and at rest

Access controls and authentication systems

Regular security assessments and updates

Secure hosting and service processing environments

Staff training on data protection principles

Complaints & Supervisory Authority

If you believe we are processing your personal data in a way that infringes upon your rights or violates the GDPR, we encourage you to contact us first using the details provided below.

Contact Us First

We are committed to resolving any concerns you may have about our data processing practices. Please reach out to us at support@shadcnsearch.dev and we will work to address your concerns promptly.

Supervisory Authority

You also have the right to lodge a complaint with a supervisory authority in the EU/EEA Member State where you live, work, or where the alleged infringement of data protection law has taken place. You can find your local data protection authority through the European Data Protection Board website.

We will cooperate fully with any supervisory authority investigations and work to resolve any identified issues.

Contact Information

For any questions about this GDPR Compliance Statement, to exercise your rights, or to raise concerns about our data processing practices, please contact us:

Email:support@shadcnsearch.dev
Website:https://shadcnsearch.dev
Subject Line:Please include "GDPR Request" in your email subject line for faster processing

We will respond to your GDPR-related requests within one month of receipt, and will provide updates if additional time is needed for complex requests.

This GDPR Compliance Statement is part of our commitment to data protection and privacy rights for all EU/EEA residents using Shadcn Search.