Frequently Asked Questions (FAQ)

1. General Compliance

- Are you compliant with GDPR and other relevant data protection laws?

2. Data Protection Policies

- Do you have a Data Protection Policy in place?  

- Can you provide a copy of your Data Processing Agreement (DPA)?

3. Hosting and Data Storage

- Where is your data hosted? 

- Can data be stored in specific regions to comply with local laws?

4. Security Measures

- What security measures are in place to protect data?  

- Do you have any third-party security certifications?

5. Consent and Individual Rights

- How do you handle user consent?    

- How can individuals exercise their rights under GDPR and similar laws (e.g., access, erasure, portability)?   

- Providing tools or features within our platform that enable clients to locate, access, or delete data upon request.

6. Incident Management

- How do you manage data breaches? 

7. Vendor and Third-Party Management

- How do you ensure third-party vendors comply with privacy laws?

8. Employee Training and Accountability

- How do you ensure employees handle data responsibly?

9. Proof of Compliance

- Can you provide evidence of past compliance audits or certifications?    

- Do you conduct regular Privacy Impact Assessments (PIAs)?

10. Legal and Regulatory Alignment

- Do you work with legal counsel or a Data Protection Officer (DPO)?   

11. Cross-Border Data Transfers

- How do you ensure compliance with GDPR for cross-border data transfers?