The EU General Data Protection Regulation (“GDPR”) is a data protection law that came into effect on May 25, 2018. It is a single set of rules which govern the processing and monitoring of EU data. It is designed to give EU citizens and residents more control and visibility over how their personal data is used by businesses.
While we can’t tell you if the GDPR captures your business, generally the GDPR applies if your business has an establishment in the EU, offers goods or services to individuals in the EU, or monitors behaviours of those in the EU.
If you think you might be caught by the GDPR or you’re not sure, we recommend that you seek legal advice to make a determination and plan for compliance.
For information you provide directly to us as a customer (e.g. your name and email address), Paperform acts as Controller. For information captured using Paperform's services, Paperform acts as a Processor. It is important that we all comply with the GDPR when transferring personal data.
No, this is a common misconception. There is no requirement for data to be stored in the EU, as long as it is adequately protected in line with the requirements of the GDPR.
We have taken several important steps:
Talk to us at mailto:firstname.lastname@example.org.