Our GDPR commitment
User research data can contain sensitive personal information about participants. We make sure
that this information is handled carefully, transparently and responsibly when you use
Condens. Naturally this includes our commitment to comply with the EU General Data Protection
Is Condens GDPR compliant?
Yes, Condens is fully compliant with the General Data Protection Regulation (GDPR). We incorporated measures into our data processing practices to ensure that our customers’ data is as secure as possible. We work with IT data protection specialist Fresh Compliance GmbH from Berlin, Germany to continuously ensure GDPR compliance.
Where is the data stored?
Data is processed and stored exclusively in data centers within the European Union. Condens relies on the most secure infrastructure providers with industry leading security practices to host its infrastructure. These data centers are ISO / IEC 27001 certified and thus meet our high requirements for the physical security of our customers' data.
List of subprocessors
How does GDPR impact Condens and its customers?
While working with Condens does not require to enter personal data – except for your billing and signup information – it may be that such data is entered about customer’s employees (our users) or research participants. The processing of such data is regulated by GDPR. In this case the customer is the data controller and Condens is the data processor.
Does Condens rely on privacy shield frameworks or standard contractual clauses?
No. As Condens hosts all data exclusively in the EU we do not rely on such frameworks or contracts. This saves your legal team valuable time and lets you get started with Condens more quickly.
Does Condens have a Data Processing Agreement (DPA)?
Yes. The DPA is incorporated directly into our terms
and you can find the DPA here
. If you decide to go with Condens the DPA automatically comes into effect - no signature needed.
Can I get more information about the technical and organizational measures?
Yes, you can see the implemented technical and organizational measures in the DPA
. If you have any further questions please get in touch: