Transpoco is committed to compliance with the General Data Protection Regulation (GDPR), which will go into effect May 25, 2018. The regulation contains the most significant changes to European data privacy legislation in the last 20 years, replacing European Privacy Directive 95/46/EC. It is designed to give EU citizens more control over their data and seeks to unify a number of existing privacy and security laws under one comprehensive law.
The GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. Per the GDPR, personal data is any information relating to an identified or identifiable individual; meaning, information that could be used, on its own or in conjunction with other data, to identify an individual. Our customers can trust that Transpoco has made GDPR a priority and has devoted significant and strategic resources toward our efforts to comply with GDPR.
The contents of these documents are not intended to be legal advice, nor should they be considered a substitute for legal assistance. The final responsibility for understanding and complying with GDPR resides with you, though Transpoco will assist you in meeting GDPR requirements where possible.
Transpoco appreciates that customers have requirements under GDPR that are directly impacted by their use of Transpoco products and services, and Transpoco is committed to help them to fulfill their requirements under GDPR and local law.
Below are a few examples of actions Transpoco has committed to in order to satisfy GDPR requirements that apply to both Transpoco and customers:
Current as of September 16, 2020
Third Party Service/Vendor
|Auth0||Identity Management||Europe - If some transfer to the US is needed, Standard Contractual Clauses (SCCs) are applied.||Auth0|
|HubSpot||CRM||US - Swiss-U.S. Privacy Shield Frameworks and Standard Contractual Clauses (SCCs)||HubSpot|
|Xero||Financial||New Zealand, US and Australia - European Commission’s Standard Contractual Clauses(SCCs)||Xero|
|Chargebee||Financial Subscriptions||California, US - certified to the EU-U.S., Swiss-U.S. Privacy Shield Frameworks and EU Standard Contractual Clauses (SCCs)||Chargebee|
|Intercom||Customer Messaging||Amazon (US) - certified to the EU-U.S. Privacy Shield Framework and Standard Contractual Clauses (SCCs)||Intercom|
|Inspectlet||Debugging||AWS US East data centers in Virginia - Standard Contractual Clauses (SCCs)||Inspectlet|
|Stripe||Financial data (credit cards)||Ireland||Stripe|
|Amazon Web Services||Data and Service Hosting||Ireland||AWS|
|Nuapay||Financial data (debit cards)||Europe||Nuapay|
|Google G Suite||Electronic documents, presentations, spreadsheets, etc||Europe||Google G suite|
|Sentry||Debugging||Mainly in the USA but in other countries as well. They also have SOC 2 certification, HIPAA and HITECH, PCI DSS, EU-U.S. Privacy Shield and Standard Contractual Clauses (SCCs)||Sentry|
|LeasePlan||Fuel Data||Europe and Outside Europe but with all security in place||LeasePlan|
|Asana||Project Management||Amazon (US) - certified in the EU-U.S. Privacy Shield Framework||Asana|
|Trello||Project Management||Amazon and Google Cloud Storage (US) - certified in the EU-U.S. Privacy Shield Framework||Trello|
For many years we have promoted best practices in terms of data protection and data privacy, we have many resources such as sample policies and guidelines on this topic. These resources are all freely available on our website and we encourage you to take a look at them here or reach out to us if you have any queries related to our solutions.