The General Data Protection Regulation (GDPR) is an EU regulation that establishes a new legal framework to protect the personal data of EU residents. Organizations that are established in the EU, as well as organizations that process personal data of EU residents, are required to comply with the GDPR. With this page we want to explain you how we are committed to GDPR compliance.

 

Data Processor vs. Data Controller

If you are one of our customers, your organization acts as the data controller for any personal data provided to us. The data controller determines the purposes and means of processing personal data. We act as the data processor, processing data on your organization’s behalf when you use one of our products.

If you are one of our customers and handle information about EU citizens, we advice you to Download our Data Processing Agreement, sign and send back a copy to us via e-mail.

 

Safe and Secure

We ensure a level of security appropriate to the risk and in line with article 32 of the GDPR.

 

We use the following sub-processors

We are required by law to provide our customers with an updated list of our sub-processors that we use to provide the best possible service to you. We are confident that these providers (data processors) have a highly robust approach to data protection, understand the obligations of the GDPR and are well prepared to meet them.

NameType of processingLocationWebsiteWebpage
Google

Infrastructure
E-mail

EU https://www.google.com https://cloud.google.com/security/gdpr/
Citrix Podio Infrastructure EU https://podio.com https://help.podio.com/hc/en-us/articles/360000980392-Where-is-data-hosted-
GlobiFlow Infrastructure US http://www.globiflow.com https://help.podio.com/hc/en-us/articles/360000980392-Where-is-data-hosted-
CloudVPS Infrastructure EU https://www.cloudvps.com https://www.cloudvps.com/blog/how-does-gdpr-affect-cloudvps-customers

 

[ Last update 2018-11-16 ]