Yes, Paperform is GDPR ready! We're also committed to helping our customers prepare for the EU General Data Protection Regulation (GDPR).
The EU General Data Protection Regulation (“GDPR”) is a new comprehensive data protection law that comes into effect on May 25, 2018. It will replace existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It will be a single set of rules which govern the processing and monitoring of EU data.
If you hold or process the data of an any person in the EU, the GDPR will most likely apply to you, whether you’re based in the EU or not.
There are two different kinds of relationships defined in GDPR, that of "Controller" and that of "Processor". The relationship between you as a customer and Paperform falls under both of these categories.
Paperform acts as a controller in our direct relationship with you as a customer, and the information you give us directly (for example, that which is given when signing up).
The service Paperform provides however is as a processor. We process and store information on the behalf of our customers.
No, this is a common misconception. While there are parts of regulation that apply to the transfer of data across regions, there is no requirement for data be stored in the EU.
We have taken several important steps to become GDPR compliant.
Talk to us at firstname.lastname@example.org.