GrowSumo's Plan for GDPR Compliance

Our Commitment to You and the Protection of Your Data

We’re committed to partnering with GrowSumo customers and users to help them understand and prepare for the General Data Protection Regulation (GDPR). The GDPR is the most comprehensive EU data privacy law in decades, and will go into effect on May 25, 2018. Besides strengthening and standardizing user data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located. On this page, we’ll explain our methods and plans to achieve GDPR compliance, both for ourselves and for our customers.

Preparing for the GDPR

The GDPR’s updated requirements are significant and our team is working diligently to bring GrowSumo product offerings and contractual commitments in line before May 25, 2018. Measures to achieve this include:

1. Investing in security infrastructure
2. Making sure we have the appropriate contractual terms in place
3. Ensuring we can continue to support international data transfers by maintaining our Privacy Shield self-certifications, and by executing Standard Contractual Clauses through our updated Data Processing Addendum
4. Product offerings that include new tools for data portability and data management

We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and will adjust our plans accordingly if it changes. We’ll provide you with regular updates along the way so that you’re always current.

Our Security Infrastructure and Certifications

Protecting our customers’ information and their users’ privacy is extremely important to us. As a cloud-based company entrusted with some of our customers’ most valuable data, we’ve set high standards for security.

GrowSumo has invested heavily in building a robust security team, one that can handle a variety of issues — everything from threat detection to building new tools. In accordance with GDPR requirements around security incident notifications, GrowSumo will continue to meet its obligations and offer contractual assurances.

If you’d like to learn more about GrowSumo's security policies and procedures, please see our security page. It provides detailed information on how we approach security.

International Data Transfers: Privacy Shield and Contractual Terms

To comply with E.U. data protection laws around international data transfer mechanisms, we self-certify under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield. These frameworks were developed to establish a way for companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.

Data Portability Solutions and Data Management Tools

GrowSumo has is proud to equip our product with GDPR compliant features. Currently, these tools are fully functional and accessible through our customer success team. As we move these tools out of beta, we will provide each customer with a designated suite of data tools, including:

1. Import and Export Tools
2. Profile Deletion Tools
3. Company Teammate Permission Schemes

Stay Updated

Fulfilling our privacy and data security commitments is important to us. So we’re glad to help you prepare for all the changes the GDPR brings.

This page will be revised to reflect GDPR-related information as it becomes available. If you have any questions about how Growsumo can help you with compliance, we hope you’ll reach out to us.