Legal
GDPR compliance information
April 2026 · Controller: Nikola Milic PR Labart · Service: Pigeon (pigeon.grim-digital.com)
This page summarizes how Pigeon approaches the EU General Data Protection Regulation (GDPR). It is informational and does not replace legal advice.
1. Roles
For account holders and visitors of pigeon.grim-digital.com, Nikola Milic PR Labart typically acts as a controller of personal data. When you upload subscriber lists, you are often an independent controller for that data; we process subscriber data as a processor on your instructions to deliver the service.
2. Categories of personal data
- Identity and contact: name, email, billing identifiers.
- Account and technical: credentials, project settings, logs, IP address.
- Newsletter recipients: email addresses and optional attributes you collect.
- Engagement data: opens, clicks, bounces, complaints (where tracking is enabled).
3. Legal bases (controller processing)
Depending on context, we rely on:
- Contract — to provide Pigeon and billing.
- Legitimate interests — security, abuse prevention, product improvement, and analytics where balanced against your rights.
- Consent — where required (e.g., non-essential cookies or marketing communications about Pigeon itself).
- Legal obligation — tax, accounting, or lawful requests.
4. Data subject rights
EU data subjects may have rights to access, rectification, erasure, restriction, object to certain processing, and data portability where applicable. Requests about data we process as your processor (e.g., your subscribers) may need to be fulfilled by you as the controller, with our reasonable assistance.
5. Processors
We use subprocessors that may process personal data, including:
- Cloud and email delivery providers — hosting, message transmission, storage, and related infrastructure.
- Paddle — payment processing (note: our payment processor integration may be updated; check checkout pages for the current provider).
We enter into data processing terms where required and assess subprocessors for security practices appropriate to the risk.
6. Retention
We retain data only as long as necessary for the purposes above. Account data is kept for the life of the contract plus a reasonable period for legal and dispute resolution needs. Engagement and delivery logs may be retained in line with deliverability and analytics needs, then minimized or aggregated. Subscriber data you store is deleted when you delete it or close your project, subject to backups.
7. How to submit a GDPR request
Email pigeon@grim-digital.com with "GDPR request" in the subject, describe your request, and include information to verify your identity. We respond within statutory timelines (typically within one month, extendable where complex).
8. Data Protection Officer (DPO)
For GDPR inquiries, contact our designated privacy contact at pigeon@grim-digital.com. For small organizations, a formal DPO may not be mandatory under GDPR; this address serves as your point of contact for privacy matters.
9. Supervisory authority
You have the right to lodge a complaint with a supervisory authority in your EU member state.
Data Controller
- Company name:
- NIKOLA MILIC PREDUZETNIK LABART
- Address:
- Ruze Sulman 17, 23101, Zrenjanin, Srbija
- TAX ID:
- 113343290
- Company ID:
- 66755657
- Email:
- pigeon@grim-digital.com
- Website:
- pigeon.grim-digital.com