In 2012, the European Commission began a process to reform Europe's existing data protection laws by proposing a new data protection regulation to replace the current Data Protection Directive. GDPR was agreed and adopted in 2016 and came into effect on 25 May 2018.
GDPR aims to make data protection regulations: more Relevant, Comprehensive and Unified.
GDPR is a significant change but opens the opportunity for companies and organizations to audit their current data processing and storage actions and to ensure their customers are adequately protected.
For the benefit of the customer it shows, demonstrated compliance, enhanced rights and privacy of data by design. One major enhanced right is the right to obtain and reuse personal data across multiple services, as well as the right of deletion of personal data.
How does Couchdrop align with GDPR?
As Couchdrop handles sensitive, personal and company data, Couchdrop and the team take GDPR and other security compliance and processes seriously. Couchdrop understands that the sensitive nature of data, its transfer and storage rely on maintain relevancy in both security principles and governance, but also to building trust with its customers to ensure a peace of mind.
Couchdrop has ensured the following is in place to align the company and its processes with GDPR;
- Updated Privacy Notice and Terms and Conditions to be GDPR compliant, as well as more concise and transparent about how we process personal data.
- Staff Education on the Couchdrop infrastructure and processes to ensure all staff understand GDPR and are compliant and can raise risk and concern should an area of concern be identified.
- Data Breach Alerting, Couchdrop is armed with a rapid response email and announcement to fall in line with GDPR, so that on a rare chance a breach is noted, communications can be sent out in a quick manner.
- Infrastructure and internal processes now fall in line with GDPR.
- We have included the Standard Contractual Clauses in our Data Processing agreement and outlined our approach to data transfers in our whitepapers.
Just because Couchdrop has done the above, does not mean it will stop there. The team at Couchdrop will continue to modify, update you and remain relevant across the security governance spectrum to continue to meet yours, and the wider worlds needs.
How can I sign Couchdrop's Data Processing Agreement
Since both the Couchdrop SFTP and Movebot products use datacenters in the USA to store metadata, it is a requirement that EU/UK companies sign our Data Processing Agreement.
All you have to do is sign and return the agreement: GDPR Data Processing Agreement
Couchdrop Third Parties
Couchdrop uses a range of third parties to help us provide you with a great service and to assist us with communication, infrastructure and understanding your needs better. See below for a list of third parties that Couchdrop uses.
| Product |
Purpose |
Location |
| Amazon Web Services |
Cloud Infrastructure Service Provider |
United States |
| Microsoft Azure |
Cloud Infrastructure Service Provider |
United States |
| Digital Ocean |
Cloud Infrastructure Service Provider |
United States |
| Vultr |
Cloud Infrastructure Service Provider |
United States |
| Wasabi |
Cloud Storage Service Provider |
United States |
| Datadog |
Infrastructure Monitoring Provider |
United States |
| Stripe |
Billing and Payment provider |
United States |
| PayPal |
Billing and Payment provider |
United States |
| Xero |
Billing and Payment provider |
New Zealand |
| Mailchimp |
Electronic Direct Mail and Campaign manager |
United States |
| HubSpot |
CRM |
United States |
| Google Analytics |
SEO and Web analyzing and data reporting tool |
United States |
| Zendesk |
Ticket and Incident Management tool & CRM |
United States |
| Make (formerely Integromat) |
Third party integrator tool for business processes |
United States |
| Trevor |
Third party Analytics and Reporting |
Germany |
| Sentry |
Third party Monitoring and Logging |
United States |
| MongoDB Atlas |
Data Services |
United States |
.svg){kind=logo}