GDPR Compliance

GDPR Compliance

Posted: June 3, 2019
Last Modified: June 3, 2019

We consider it our duty to take good care of your data and we are proud to attest our compliance with applicable General Data Protection Regulation (GDPR) rules as the data processor for GreetBot-related services.

Nature of Data Processing

We process all your data solely for the purpose of providing our services. Your data is kept only for as long as it is necessary to ensure uninterrupted service, as well as to meet any legal and regulatory obligations. We only share your data with authorized service providers and business partners upon your consent, as outlined in our Privacy Policy.

Scope of Data Processing

We only process personal data that is required for the delivery of our services. We assess on an ongoing basis how much and what kind of data we need in order to meet this purpose in a lawful, fair and transparent manner.

Technical and Organizational Safeguards

Our team has decades of experience building and securing enterprise software and has put a number of measures in place to protect our software from security defects and safeguard your data against information security breaches.

To ensure that proper security controls are present all source code is internally peer-reviewed before it can be deployed to production servers. In addition, all new employees sign a non-disclosure agreement and are briefed on the critical importance of protecting your data, as well as their personal responsibilities with respect to GDPR.

Hosting is performed on the servers operated by TransIP B.V., an ISO 27001-certified hosting provider based in Leiden, The Netherlands. To protect you against accidental data loss, storage of backups is located in The Netherlands as well as in the United States. All backups are encrypted in transit and at rest.

Access to Personal Data

If you have questions or requests regarding your data please write to