GDPR Commitment

Posted: June 3, 2019
Last Modified: March 3, 2020

We consider it our duty to take good care of your data and we are proud to attest our compliance with applicable General Data Protection Regulation (GDPR) rules as the data processor for our Services.

Nature of Data Processing

We process all your data solely for the purpose of providing our Services. Your data is kept only for as long as it is necessary to ensure uninterrupted service, as well as to meet any legal and regulatory obligations. We only share your data with authorized service providers and business partners upon your consent, as outlined in our Privacy Policy. For identification of the third party services we use to process your personal information, and where they are located, please see our subprocessor listing.

Scope of Data Processing

We only process personal data that is required for the delivery of our Services. We assess on an ongoing basis how much and what kind of data we need in order to meet this purpose in a lawful, fair and transparent manner.

Technical and Organizational Safeguards

To ensure that proper security controls are present all source code is internally peer-reviewed before it can be deployed to production servers. In addition, all employees sign a non-disclosure agreement and are briefed on the critical importance of protecting your data, as well as their personal responsibilities with respect to GDPR. To protect you against accidental data loss, we maintain multiple off-site backups in the Netherlands and the United States. All backups are encrypted in transit and at rest.

Access to Personal Data

If you have questions or requests regarding your data please write to [email protected].