The General Data Protection Regulation (GDPR) is the EU's comprehensive data protection law, adopted in 2016. It strengthens data protection rights for EU individuals and governs how personal data may be used by organizations and third parties.
Xodo Sign takes GDPR compliance seriously and has implemented measures to ensure the platform, its processes, and workflows align with GDPR requirements.
How Xodo Sign addresses GDPR requirements
- Data Processing Agreement (DPA): Xodo Sign provides a DPA that enables lawful processing of EU personal data as part of delivering the service.
- Third-party vendor contracts: Contracts with third-party vendors have been reviewed and adjusted for GDPR alignment.
- Right to be forgotten: Customers can permanently delete their account at any time. All associated data is removed and cannot be recovered.
- Right to object: Customers can opt out of having their data included in any data science projects.
- Right to rectification: Customers can access and correct their data at any time in their Xodo Sign account, or by contacting Support.
- Right of access: The Xodo Sign Privacy Policy details what data is collected and why. Contact Support for clarification.
- Right of portability: Customers can request their account data be exported at any time by contacting Support.
Questions?
For more information about Xodo Sign and GDPR compliance, contact our Support team.