Q: Questions Regarding GDPR Compliance
I need urgent clarification on your GDPR compliance to decide whether to keep my license or request a refund.
Is Evolup fully GDPR compliant under German laws?
Evolup uses Google Fonts and Font Awesome, which send requests to U.S. servers and cannot be deactivated. Given GDPR restrictions on data transfers outside the EU, why can't these resources be disabled, and how does Evolup ensure compliance?
Where are your servers located? Is all data processing and storage within the EU?
The cookie message may not suffice under European laws. How does your cookie consent mechanism meet GDPR requirements?
Do you offer a DPA outlining how personal data is handled, including third-party processors? If so, please provide it.
What steps has Evolup taken to ensure full GDPR compliance, especially for German users?
Thank you.
Lea_Evolup
Dec 6, 2024A: Hi,
Here’s how Evolup addresses these concerns:
Google Fonts and Font Awesome:
Currently, Evolup uses Google Fonts, which makes calls to U.S. servers. However, users have the option to modify their design to remove these fonts or include them directly within their template files. We are also working to improve our templates so that Google Fonts are no longer called from Google servers by default.
Server Locations:
Our servers and data storage are located within the EU, ensuring that data processing complies with GDPR requirements.
Cookie Consent:
Evolup's cookie consent mechanism ensures that third-party scripts are only loaded after explicit user consent is given. This approach aligns with GDPR regulations regarding user consent.
Data Processing Agreement (DPA):
At this time, Evolup does not offer a formal DPA.
Steps for GDPR Compliance:
We prioritize compliance with GDPR standards, particularly for German users, by hosting data within the EU and offering customization options to help align with regional regulations.
For additional steps or specific adjustments, feel free to contact our team directly—we’re here to help! 😊