GDPR Compliance

1. Our Commitment

Taskbeast is operated by Endelbyte srl, an Italian company headquartered in Brescia. As a service built and hosted in the European Union, we design our product around the requirements of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Italian Personal Data Protection Code.

2. Data Controller

For personal data processed in connection with the Taskbeast service, the data controller is:

Endelbyte srl
Via Luciano Manara 5bis, Brescia, 25126, Italy
Email: info@taskbeast.ai

3. Roles: Controller and Processor

When you sign up for Taskbeast and we process information about you (such as your account details and billing data), we act as the data controller.

When you use Taskbeast to manage your guests, reservations, and messages, we process personal data about your guests on your behalf and instructions, acting as a data processor. In that capacity, you remain the controller and are responsible for ensuring you have a lawful basis to share guest data with us.

4. Legal Bases for Processing

We process personal data on one or more of the following legal bases:

• Performance of a contract — to provide the Services you have signed up for.
• Legitimate interests — to operate, secure, and improve the Services, provided your interests and rights do not override ours.
• Consent — for non-essential cookies, marketing communications, and any processing that requires it.
• Legal obligation — to comply with tax, accounting, and other applicable laws.

5. Your Rights as a Data Subject

Under GDPR you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure — request deletion of your personal data, subject to legal retention requirements.
• Restriction — ask us to limit how we use your data in certain circumstances.
• Objection — object to processing based on legitimate interests, including direct marketing.
• Portability — receive your data in a structured, machine-readable format, or have it transferred to another provider where technically feasible.
• Withdraw consent — at any time, where processing is based on consent.
• Lodge a complaint — with the Italian Data Protection Authority (Garante per la protezione dei dati personali) or your local supervisory authority.

6. How to Exercise Your Rights

To exercise any of these rights, email info@taskbeast.ai from the address associated with your account, or write to the postal address above. We respond to verified requests within one month, as required by GDPR, and may extend that period by up to two further months for complex requests, notifying you of the extension.

7. International Data Transfers

Personal data is processed primarily within the European Economic Area. Where data is transferred to processors located outside the EEA (such as certain cloud or messaging providers), we rely on adequacy decisions of the European Commission or, where none applies, on Standard Contractual Clauses and supplementary safeguards.

8. Sub-processors

We use carefully selected sub-processors — including infrastructure, payment, communication, and analytics providers — to deliver the Services. Each sub-processor is bound by a data processing agreement that requires them to handle personal data only on documented instructions and to apply appropriate security measures. A current list of sub-processors is available on request.

9. Security

We apply technical and organizational measures appropriate to the risk, including encryption in transit, access controls, audit logging, and regular review of our security practices. In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority and, where required, affected individuals.

10. Data Processing Agreements

Customers who require a Data Processing Agreement (DPA) under Article 28 GDPR can request one by contacting info@taskbeast.ai. We offer a standard DPA that incorporates the European Commission's Standard Contractual Clauses where applicable.