How is Gnowbe handling data privacy in the EU?
At Gnowbe, we take data privacy and security seriously, especially when it comes to compliance with stringent regulations like the General Data Protection Regulation (GDPR), which governs data privacy in EU countries.
Data Hosting & Compliance with EU Regulations:
Gnowbe’s data is securely hosted on AWS servers in the United States. AWS maintains robust security standards and compliance certifications, including ISO 27001, SOC 2, and others relevant to data protection. Our data hosting practices are compliant with Article 44 of the GDPR, which allows for data transfers outside of the EU provided that appropriate safeguards are in place.
Safeguards for International Data Transfers:
We rely on Standard Contractual Clauses (SCCs), as approved by the European Commission, to legally transfer personal data from the EU to the US. These contractual clauses ensure that the data receives GDPR-equivalent protection even when processed outside the EU. AWS, as our data processor, also provides contractual commitments aligned with GDPR requirements to ensure data protection.
GDPR Compliance & Best Practices:
- Data Minimization: We collect and process only the data necessary for providing our services
- Access Controls: Role-based access control (RBAC) is implemented to limit data access to authorized personnel only
- Encryption: Data is encrypted both at rest and in transit to prevent unauthorized access
- Data Subject Rights: We have procedures in place to support data subject rights, such as the right to access, rectify, delete, and port personal data
- Breach Notification Procedures: In the unlikely event of a data breach, we have established protocols to notify relevant supervisory authorities and affected individuals in accordance with GDPR timelines
Privacy by Design and Default:
Gnowbe integrates privacy by design principles into the development of our products, ensuring that data protection measures are considered from the outset of any new feature or process.
Vendor & Sub-Processor Management:
We conduct thorough due diligence on all third-party vendors and sub-processors to ensure they meet our strict data privacy and security standards.
Ongoing Compliance Efforts:
Regular security audits, data protection impact assessments (DPIAs), and employee training are conducted to maintain high standards of data protection.
See also - Magic Creator powered by Gnowbe AI: FAQs