Q: Questions Regarding GDPR Compliance
I need urgent clarification on your GDPR compliance to decide whether to keep my license or request a refund.
Is Evolup fully GDPR compliant under German laws?
Evolup uses Google Fonts and Font Awesome, which send requests to U.S. servers and cannot be deactivated. Given GDPR restrictions on data transfers outside the EU, why can't these resources be disabled, and how does Evolup ensure compliance?
Where are your servers located? Is all data processing and storage within the EU?
The cookie message may not suffice under European laws. How does your cookie consent mechanism meet GDPR requirements?
Do you offer a DPA outlining how personal data is handled, including third-party processors? If so, please provide it.
What steps has Evolup taken to ensure full GDPR compliance, especially for German users?
Thank you.
Lea_Evolup
Dec 6, 2024A: Hi,
Here’s how Evolup addresses these concerns:
Google Fonts and Font Awesome:
Currently, Evolup uses Google Fonts, which makes calls to U.S. servers. However, users have the option to modify their design to remove these fonts or include them directly within their template files. We are also working to improve our templates so that Google Fonts are no longer called from Google servers by default.
Server Locations:
Our servers and data storage are located within the EU, ensuring that data processing complies with GDPR requirements.
Cookie Consent:
Evolup's cookie consent mechanism ensures that third-party scripts are only loaded after explicit user consent is given. This approach aligns with GDPR regulations regarding user consent.
Data Processing Agreement (DPA):
At this time, Evolup does not offer a formal DPA.
Steps for GDPR Compliance:
We prioritize compliance with GDPR standards, particularly for German users, by hosting data within the EU and offering customization options to help align with regional regulations.
For additional steps or specific adjustments, feel free to contact our team directly—we’re here to help! 😊
a81662ee5c3f4daaa896ac9e0a63de8aHi Lea, I am writing to inquire about the current status of your efforts to ensure GDPR compliance, particularly concerning German users. I have previously reached out to your support team but have yet to receive a viable solution.
I am eager to utilize my 50 licenses. However, without GDPR compliance, the risk is too significant. I would appreciate your response and assistance. Kind regards Andre
Hi Andre,
Thank you for reaching out. If you haven’t received an update yet, it means they are still awaiting a response from the dedicated team handling this matter. Rest assured, as soon as they have concrete information, they will share it with you.
We appreciate your patience and understanding.
Hi Lea, when will this be implemented: "We are also working to improve our templates so that Google Fonts are no longer called from Google servers by default." Answer of your support: "No roadmap, no timeline ..." Thanks, Andre
Hi Lea, and another info. It isnt that easy: "However, users have the option to modify their design to remove these fonts or include them directly within their template files." I need to hire an developer for that, no support from evolup ... a little bit frustrating, to be honest. Kind regards, Andre
Hi Andre,
I understand the frustration. Evolup is a SaaS solution designed to be used as-is, so custom design changes fall outside our support. We understand your concern about Google Fonts, which is why we’re working on removing external calls by default, though we don’t have a timeline yet. If this is critical, a developer may be needed for customization. We appreciate your feedback!
Overall, I consider Evolup to be a good product. However, a truly successful product distinguishes itself through its service: 1) Keeping announcements 2) Providing a clear roadmap 3) Offering support that delivers solutions - Gdpr conformity should be standard for SaaS in EU! Evolup or Wizi Users in EU be careful - data of your users is being sent to Google, with significant legal risks for you!!
Hi Andre, thank you for the feedback that we value! We take GDPR compliance seriously, our servers & data storage are located within the EU, ensuring that data processing complies with GDPR requirements & 3rdparty scripts are only loaded after user consent. We're working to remove Google Fonts calls by default, but users can also modify their design to remove Google Fonts or host them locally.
I have now hired 3 developers on Fiverr, and none of them was able to accomplish the task. The statement "but users can also modify their design to remove Google Fonts or host them locally" sounds like mockery. When will google fonts be removed or implemented locally? I am starting to feel misled.
Hi Andre,
We understand your concern. While we don’t provide direct intervention, you have access to the template customization via FTP. This allows you to modify the HTML and store fonts locally on your FTP server.