Organizations established in the EU and processing personal data of EU-based individuals are, in almost all cases, required to comply with the GDPR since May 25, 2018. The GDPR updates and harmonizes the framework for processing personal data in the European Union, and brings with it new obligations for organizations and new rights for individuals.
We have been fully committed to complying with the requirements of the GDPR. We have taken these new requirements to heart and made changes to our products, contracts and policies to ensure that we were fully in compliance with the GDPR.
The data is stored on a RDS database on AWS (Amazon Web
Services) in Dublin, Ireland. Data is never replicated or copied out of the region.
We keep data for 18 months. After that period our system
automatically deletes Personal Data.
A Personal Data Breach is a breach of security leading to the
accidental or unlawful destruction, loss, alteration, unauthorised
disclosure of, or access to, personal data.
We have specific data breach notification procedures in place,
respecting the deadlines of the GDPR in communicating any breach.