Help center      Security & Compliance  
GDPR Statement

GDPR Statement

Updated April 1, 2024

What is GDPR?

The EU General Data Protection Regulation (“GDPR”) is a comprehensive data protection law that came into effect on May 25, 2018. It replaced the existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It is a single set of rules which govern the processing and monitoring of EU data.

We are GDPR Compliant

Process Street has undergone a GDPR compliance review and we’ve taken many steps to ensure full compliance and security for all our user data. Here are a few highlights of what we have done:

Data Protection Officer

We’ve appointed a Data Protection Officer, Cameron McKay to oversee and advise on our data management. Get in touch via chat or by emailing [email protected].

Data Processing Addendum

We’ve created a data processing addendum (DPA) that supplements our Terms of Service and provides contractual safeguards to our customers for the processing of the personal data sent through Process Street, enabling these customers to be compliant with the GDPR. If you need a copy of our DPA, your organization’s administrator can email [email protected].

International Data Transfers

In connection with the performance of the Agreement, Customer authorizes Process Street to transfer Personal Information to the United States. Customer and Process Street will enter into Standard Contractual Clauses for the Transfer of Personal Data to Processors Established In Third Countries pursuant to Commission Decision 2010/87/EU of 5 February 2010 Countries (” Model Contract”). This document is covered in Exhibit B of our Data Processing Addendum.

Vetting Sub-processors

As part of our compliance review, we’ve scrutinized all third-party vendors we use to make sure they also prioritize the security and privacy of personal data. We’ve ensured our signed contracts with them take the highest levels of security into consideration. We know data security doesn’t just stop with us, and we’ll continue to vet any new sub-processors in the future.

Processes, procedures, and training

Being a process-driven company was a great help in becoming compliant. We’ve updated our existing processes and implemented some more around subject access requests, and process reviews. We’ve also had all team members undergo data protection training and GDPR training.

Breach Management

We updated our existing breach management and communication process to comply with the GDPR regulations concerning the escalation process and requirements for data subject notification.

Updated Privacy Policy

We’ve updated our Privacy Policy to make it more clear about what data we collect and how it is used. Our new Privacy Policy is effective May 25, 2018.

More Information

Questions?

If you have any questions about GDPR or would like to make a Subject Access Request, feel free to reach out to us via chat or at [email protected].

Please note if you are a member or guest user in Process Street, your administrator is responsible for your account. Contact your administrator first and if needed, they can contact us for requests. This is covered in our Privacy Policy.

Discover Process Street

Use Process Street to make your team processes fun, fast and faultless. We'll help you transform your team's static checklists into powerful interactive workflows!

Learn more about Process Street

YouTube videos
Deep dive into Process Street with our YouTube video series.
Join a webinar
Effectively record, replicate, and replace your workflow!
See latest releases
Catch up on the latest releases and enhancements.
Join the community
Share with others about how you are using the app day to day.

Take control of your workflows today.