GDPR Commitment
Last Updated: 2nd August 2024
Our Commitment Statement to You and the Protection of Your Data
At Deskpro, we are dedicated to assisting our customers and users in understanding and, where applicable, complying with the General Data Protection Regulation (GDPR). The GDPR is a comprehensive EU data privacy law that came into effect on 25 May 2018, strengthening and standardizing user data privacy across EU member states. It introduces new or additional obligations on all organizations that handle EU citizens' personal data, regardless of where the organizations are located. Here, we outline how Deskpro supports our customers in complying with both EU and UK GDPR.
GDPR Compliance
The GDPR's updated requirements are significant, and our global team has adapted Deskpro's product offerings, operations, and contractual commitments to help our customers comply with the regulation. Measures that Deskpro (which processes data on behalf of our customers) has implemented include:
- Investments in our security infrastructure and certifications.
- Updates to relevant contractual terms.
- Support for international data transfers by executing standard contractual clauses through our updated Data Processing Addendum, available to all customers.
- Regional data hosting available across all plans, with hosting options in EU, UK and US. Note: Enterprise plan allows customers to choose from locations across 6 continents.
- Deployment options for hosting your help desk software with us on Deskpro Cloud, or self-hosted/managed with Deskpro On-Premise.
Our Security Infrastructure Standards and Certifications
Protecting our customers’ information and their users’ privacy is extremely important to us. As a cloud-based company entrusted with some of our customers’ most valuable data, we have set high standards for security. Deskpro has received several security certifications, including SOC 2 from the American Institute of Certified Public Accountants (AICPA), and internationally recognized security certification for ISO 27001 (information security management system).
Deskpro has invested heavily in building a robust security team capable of handling a variety of issues, from threat detection to building new tools. In accordance with GDPR requirements related to security incident notifications, Deskpro will continue to meet its obligations and offer contractual assurances.
If you would like to learn more about Deskpro's security policies and procedures, please visit our security page. It provides detailed information on our approach to security, including a white paper on how Deskpro ensures user data security, technical and organizational measures (TOMs), and encryption standards.
International Data Transfers
To comply with European Union data protection laws regarding international data transfer mechanisms, we offer European Union Model Clauses, also known as Standard Contractual Clauses, to meet adequacy and security requirements for our customers who operate in the European Union and the United Kingdom. A copy of our standard Data Processing Addendum, incorporating Model Clauses, is available by emailing support@deskpro.com.
While Deskpro remains self-certified under the EU-US Privacy Shield and the Swiss-US Privacy Shield, we are not currently relying on these frameworks for the transfer of personal data.
Updates
At Deskpro, we are committed to the security and privacy of your data. We are glad to comply, and help you comply, with the GDPR. If you have any questions about your rights under the GDPR as a user or about how Deskpro can assist you with compliance as a customer, please get in touch with us at support@deskpro.com. Visit our Trust Center to learn more about our privacy, security, and compliance programs.