What is the GDPR?

The General Data Protection Regulation (GDPR) is one of the biggest legislative changes made since 1975. To be effective from May 25, 2018, the primary goal of these changes is protection of personal data and rights of EU residents.

Our Commitment toward GDPR

We are committed to upholding the privacy and rights of our customers across the platform. The essence of the GDPR directly aligned with our core values of customer trust and data privacy. We are actively working toward defining our roadmap for GDPR to overhaul our systems and processes in accordance with the standards. We endeavour to achieve GDPR compliance prior to the May 25, 2018 deadline.

Whom does the GDPR affect?

The GDPR applies not only to organizations located within the EU but also to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the location of the companies.

Where can I know more about the GDPR?

You can refer to the following links for more information on the GDPR and how you can prepare for it.

Where is your data stored?

Your data is stored on the Amazon Web Services platform. These servers are based in London, England and in Ireland. We store app data in London and customer data in Ireland to ensure additional security on your private documents.

Is your data encrypted?

Yes. Data is transferred to using HTTPS and stored at rest using Transparent Data Encryption.

How do you delete data?

You can delete both your own account as well as individual recipients and all their data from within the app itself. Account delete functions are instant cannot be recovered.

Which sub processors do you use?

We use multiple 3rd party applications to help us deliver the experience. You can read more about those apps in our List of 3rd Party Applications.

Do you have a specific data processing agreement?

We have a data processing agreement in place with all currency suppliers and 3rd party vendors as listed above. We do not have a specific data processing agreement for our customers and cover off on all policies in our Terms and Conditions and Privacy Policy.

Who is your Data Processing Officer? isn’t required to have a GDPR Officer. GDPR only requires an officer if the organisation is a public body, conducts large scale systematic monitoring of individuals such as behaviour tracking, or tracks special categories of data such as health.