Since May 25, 2018 (and even beforehand) monday.com has been complying with the GDPR. For those who are not familiar with it, the GDPR is the biggest change in data protection laws in Europe since the 1995 introduction of the European Union (EU) Data Protection Directive. The GDPR aims to strengthen the security and protection of personal data in the EU.
We thought it would be a good time to update you guys with the most frequently asked questions about this new regulation.
- Is monday.com GDPR compliant?
Yes. monday.com is compliant to the extent required on or before May 25, 2018 and will continue to comply on an ongoing basis. You can learn more about Monday and GDPR at www.monday.com/terms/gdpr
- Where does monday.com host its customer data? (or) Is monday.com able to restrict data hosting and processing within the EU?
monday.com hosts its customer data in Amazon Web Services (AWS) data centers in the US. We don't have plans to use data centers in the EU and cannot restrict data to the EU. However, the GDPR do not require this. Instead, what is required is that data processors like us, have in place "appropriate safeguards" for its customers data wherever it is. Additionally, as part of our GDPR compliance, we offer a Data Processing Addendum (“DPA”) in which we commit to protect your data in accordance with the GDPR. You can review monday.com's DPA at www.monday.com/terms/dpa. If you need a signed copy of this DPA, you can download it, send a signed copy to firstname.lastname@example.org and we’ll provide you a countersigned copy.
- Does monday.com offer a Data Processing Addendum (DPA)?
Monday.com offers a Data Processing Addendum (“DPA”) in which we commit to protect your data in accordance with the GDPR. You can review monday.com's DPA at www.monday.com/terms/dpa. If you need a signed copy of this DPA, you can download it, send a signed copy to email@example.com and we’ll provide you a countersigned copy
- Does monday.com has to have a Data Processing Officer (DPO) appointed?
Yes. monday.com has appointed Privacy veteran Aner Rabinovitz as its Data Protection Officer, for monitoring and advising on monday.com's ongoing Privacy compliance and serving as a point of contact on Privacy matters for data subjects and supervisory authorities. Aner Rabinovitz may be reached at firstname.lastname@example.org
If you have any further questions about GDPR, feel free to reach out to our customer success team at email@example.com. We are here for you 24/7.