GDPR Compliance

Last updated: April 24, 2026

Last updated: January 2026

Our Commitment to GDPR

Reboot Computer Services Inc. is committed to compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This page explains your rights as an EU/EEA data subject and how we fulfill our obligations as a data controller and, where applicable, as a data processor.

Data Controller

For customers who access ANTIV as a hosted service, Reboot Computer Services Inc. acts as the data controller for account and billing information, and as a data processor for device security data processed on your behalf.

For self-hosted deployments (where you run ANTIV on your own infrastructure), you are the data controller for all data stored in your instance.

Legal Basis for Processing

  • Contract performance — Processing necessary to provide the ANTIV security service you have subscribed to
  • Legitimate interests — Security monitoring, fraud prevention, and service improvement
  • Legal obligation — Compliance with applicable laws
  • Consent — Where we explicitly ask for and receive your consent (e.g. marketing communications)

Your Rights Under GDPR

  • Right of Access — Request a copy of the personal data we hold about you
  • Right to Rectification — Request correction of inaccurate or incomplete data
  • Right to Erasure — Request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements
  • Right to Restriction — Request that we limit processing of your data in certain circumstances
  • Right to Data Portability — Receive your data in a structured, machine-readable format
  • Right to Object — Object to processing based on legitimate interests
  • Rights Related to Automated Decision-Making — We do not make solely automated decisions that have legal or similarly significant effects on you

Exercising Your Rights

To exercise any of the above rights, contact our Data Protection contact at privacy@antiv.io. We will respond within 30 days. We may need to verify your identity before processing your request.

Data Transfers

If your data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.

Supervisory Authority

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.

Data Processing Agreement

Enterprise and MSP customers who require a Data Processing Agreement (DPA) may request one by contacting legal@antiv.io.