Check out this article for information on what we're doing and what you can do to ensure compliance with the General Data Protection Regulation (GDPR).
What is the GDPR?
Effective in May 2018, the European Union updated its data protection regulations. The General Data Protection Regulation (GDPR) regulates how companies access and process the data of people in the European Union (EU). This applies to all companies who do business with people that are EU persons, regardless of where the company is based.
How is Copper compliant with the GDPR?
Copper has an active data privacy compliance program, which includes taking the following actions to protect our EU customers’ data and remain GDPR compliant.
- We follow the GDPR data processing requirements.
- We contractually require relevant third-party service providers to support our obligations under GDPR.
- We publish a list of all third-party providers we work with who may access customer data.
- We use safeguards to protect customer data.
- We provide privacy and information training to all employees interacting with customer data.
- We maintain a security incident response program.
- We are regularly audited by a third party to test our vulnerability risks.
Where can I get more information?
To learn more about GDPR, visit eugdpr.eu. For questions regarding Copper's GDPR compliant, please contact our support team using the in-app chat.
How can I view and sign your Data Processing Agreement (DPA)?
Our Data Processing Agreement (DPA) requires Copper to take many of the actions described above, as required under GDPR. Our DPA is incorporated into our Terms of Service, and automatically covers all applicable customers. In addition, Copper will enter into Copper’s standard DPA with customers on a stand-alone basis, if requested. You can request a copy of our DPA by emailing firstname.lastname@example.org.