info157Q: Hello, you say you are GDPR certified.
However, at https://www.dataprivacyframework.gov/list you are listed as an inactive company. The EU's new agreement with the USA only allows this option in order to host the data outside the EU in a legally secure manner. However, they would also have to be actively certified there. Can you please tell me how you comply with the GDPR from your point of view? As I understand it, they would either have to be certified at https://www.dataprivacyframework.gov/list or host the data in Europe. Thank you for your reply.
Erhan_Ethicsign
May 14, 2024A: Hi Info157,
Thank you for reaching out with your concerns regarding GDPR compliance. We understand the importance of data protection and take our responsibilities under GDPR very seriously.
I would like to clarify that while we are not currently listed as active on the [Data Privacy Framework](https://www.dataprivacyframework.gov/list), we ensure GDPR compliance through our use of Microsoft Azure as our hosting platform. Microsoft Azure is committed to GDPR compliance across its cloud services, and by leveraging Azure, we inherit a robust framework of security and privacy protections designed to safeguard data.
We are addressing the matter of our status on the Data Privacy Framework list to ensure it accurately reflects our active compliance efforts. We appreciate your vigilance and understanding as we continue to ensure that our data handling practices meet the highest standards set forth by GDPR.
We will also evaluate and follow up on the work we need to do as a team.
Thanks
Erhan
It doesn't work that way. After all, a certified tool does not equal a certified product.
Verified purchaser
Thank you for your detailed information.
If there is a process we have missed, we will work as a team to complete these processes as soon as possible.
I'm interested in finding a GDPR-compliant signing tool. Can you tell me where the data servers are located that process user data?
Looks very interesting but I also have doubts that I can use it in Europe. As far as I understand If you store information you act as Data Processor and you should have an agreement with the user as responsible of GDPR compliance. Anyway, I attach other tool info even though it is neither at the mentioned list it, hope it helps for clarification for European users. https://www.jotform.com/gdpr-compliance/
Looks very interesting but I also have doubts that I can use it in Europe. As far as I understand If you store information you act as Data Processor and you should have an agreement with the user as responsible of GDPR compliance. Anyway, I attach other tool info even though it is neither at the mentioned list it, hope it helps for clarification for European users. https://www.jotform.com/gdpr-compliance/
Verified purchaser
I hope this message finds you well. Upon a recent review of our product, we have identified some areas where our GDPR compliance measures may need enhancement. We take data privacy and security very seriously, and it is our top priority to ensure that our product fully aligns with GDPR regulations.
To address these identified gaps promptly, we are initiating the necessary steps to enhance our GDPR compliance measures. Our team is dedicated to swiftly implementing the required changes to uphold the highest standards of data protection and privacy.
We appreciate your understanding and cooperation as we work diligently to strengthen our GDPR compliance.