Elevio and GDPR Compliance
Last updated: June 2021, effective as of May 25th 2018
On May 25th 2018, the European Union’s new privacy law, the
General Data Protection Regulation
(GDPR) will come into effect.
The GDPR is a sweeping legislation which strengthens the right to know how your data is
collected, processed, stored,
as well as grants the right to have your data deleted (the right to be forgotten).
The GDPR includes conditions like:
- Personal data must be collected in a fair and transparent way and must only be used
- Personal data cannot be collected arbitrarily and must only be collected for a specific
- Personal data can only be held for the time needed to carry out this specific purpose.
- Citizens have the right to know what personal data is being collected. A person may
request a copy of their
data or that they’re data be deleted, restricted, or moved.
Even though GDPR is geared towards citizens of the Eurpoean Union, we believe every user has
the right to privacy and we will be actioning data requests from any individual, within or
outside the EU.
Data Processing Schedule
This DPS shall come into effect on May 25, 2018 and shall continue until it is changed or
terminated in accordance with
To ensure that no terms are imposed on us beyond those reflected in our standard DPA, we
cannot agree to sign customers' specific DPAs as we do not have our own internal legal team.
Any changes to our DPA will require legal counsel and the back and forth that goes with it,
which will be too cost prohibitive for our company. (The exception to this, is our Enterprise level customers)