ISOPlanner and GDPR

ISOPlanner is compliant with the EU General Data Protection Regulation [GDPR].

Privacy by Design

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of personal data, username, password, transaction information and data stored on our servers.

Sensitive and private data exchanges between ISOPlanner and its users happen over a TLS secured communication channel (also known as SSL) and is encrypted and protected with digital signatures. All personal data stored on our servers is encrypted at rest.

Subprocessors

We’ve partnered with various providers to offer a reliable service. All of our partners have a great security track record, take personal data privacy seriously, and are fully compliant with GDPR. We have a Data Processing Agreement (DPA) with each of them.

To be fully transparent, here is the complete list of providers who come in direct contact with our users’ personal data:

NameServicesLocationGDPR ComplianceDPA In Place
MicrosoftOffice 365, Azure HostingEURead more
PipedriveCRMEURead more
FreshDeskCustomer SupportEURead more
MoneybirdAccountingEURead more (Dutch)
MakeAutomationEURead more
StripePaymentsGlobalRead more
GeckoboardDashboardingGlobalRead more

Rights of the data subject

Our users have the right to access, correct, export and delete their personal data. They may request an export of their personal data (structured and machine readable format) by contacting us at support@isoplanner.app. We will respond to and proceed with requests within 30 days.

Data Processing Agreement

Find our Data Processing Agreement here: ISOPlanner DPA September 2022