Our GDPR commitment
User research data can contain sensitive personal information about participants. We make sure that this information is handled carefully, transparently and responsibly when you use Condens. Naturally this includes our commitment to comply with the EU General Data Protection Regulation (GDPR).
Is Condens GDPR compliant?
Yes, Condens is fully compliant with the General Data Protection Regulation (GDPR). We incorporated measures into our data processing practices to ensure that our customers’ data is as secure as possible. We work with IT data protection specialist Fresh Compliance GmbH from Berlin, Germany to continuously ensure GDPR compliance.
Where is the data stored?
Data is processed and stored exclusively in data centers within the European Union. Condens relies on Amazon Web Services and Google Cloud Platform to host its infrastructure. These data centers are ISO / IEC 27001 certified and thus meet our high requirements for the physical security of our customers' data.List of subprocessors
How does GDPR impact Condens and its customers?
While working with Condens does not require to enter personal data – except for your billing and signup information – it may be that such data is entered about customer’s employees (our users) or research participants. The processing of such data is regulated by GDPR. In this case the customer is the data controller and Condens is the data processor.
Can I get more information about the technical and organizational measures?
Yes, we are happy to explain the implemented technical and organizational measures in further detail. Please get in touch:firstname.lastname@example.org
Does Condens have a Data Processing Agreement (DPA)?
Yes, we have prepared a DPA which we send to you upon request.