GDPR Compliance

Last Modified: June 26, 2019

Does GDPR affect me?

If you’re based in the EU or do business in the EU the GDPR affects you. If you have any EU personal data in your Flatter Files account, such as names, email addresses, ID numbers, or anything personally identifiable, then GDPR applies. You are a Controller of personal data under GDPR, so you need to enter into GDPR-compliant data processing agreements with any online services and third party vendors you rely on, including Flatter Files. These agreements are commonly called a Data Processing Addendum, or DPA.

Data Processing Addendum

Processing EU personal data must be governed by a GDPR-compliant contract. We provide a standard Data Processing Addendum (DPA) to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed. Please contact us at gdpr@flatterfiles.com.

Subprocessors

Flatter Files uses third party subprocessors, such as cloud computing providers and analytics software, to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, and require the same of them. A list of Flatter Files subprocessors can be found here.