Retrium is compliant
Click here to sign our Data Processing Agreement
Download a copy of our DPA
Yes. We are fully compliant with the General Data Protection Regulation (GDPR). We are committed to our customers’ success, including compliance with the GDPR and EU Data Protection laws in general.
The European Commission approved and adopted the General Data Protection Regulation (GDPR), which is the biggest change in data protection laws in Europe since the 1995 introduction of the European Union (EU) Data Protection Directive, also known as Directive 95/46/EC or simply the Directive. The GDPR aims to strengthen the security and protection of personal data in the EU and replaces the Directive and all local laws relating to it.
Yes! If you (or anyone else in your company who uses Retrium) are located in the EU, you might need to sign a Data Processing Agreement (DPA) with us to allow for the transfer of your data to our U.S. data centers. Our Data Processing Addendum is available for e-signature here and for download here. Please check with your legal counsel to determine if your company needs to sign a DPA with us.
We store data in data centers provided by Amazon Web Services (AWS) located in the United States (see https://aws.amazon.com/security for information on their security practices). Therefore, personal data will be transferred to the United States for purposes related to providing our products and services.
Our service features require that data be transferred to the U.S. In addition, our employees and contractors may need access to data stored in the EU from a non-EU country (e.g., U.S.) for technical and support related reasons. In all cases where data is transferred outside of the EU, Retrium commits to ensuring such transfers are compliant with applicable data transfer laws, including GDPR.
Yes. Our Data Processing Addendum incorporates the EU Controller to Processor Standard Contractual Clauses (SCCs) as a transfer mechanism for personal data. Our Data Processing Addendum is available for e-signature here and for download here.
Yes. We understand that our customers, and in particular, our European customers, will require that, where we are a processor of EU personal data, we execute additional terms that meet GDPR obligations with respect to the processing of that EU personal data. Our Data Processing Addendum is available for e-signature here and for download here.