• Does Picsart use data sub-processors?
• Do you have an Incident Response Plan and notification deadlines?
• How do I contact your Data Protection Officer (DPO)?
• Can I speak to someone about our security requirements?
• Are there European Standard Contractual Clauses (SCC) in place as legal basis for the processing? 
• Do you have a bug bounty program?
• Do you have routine security tests and audits?
• Do you comply with GDPR and CPPA privacy laws?
• Can anyone at Picsart access my data?
• Where is data processed?
• Do you practice data protection by design and by default?
• How does Picsart encrypt data?
• How is my data protected?