GDPR Compliance

additional resources

Help Center ↗

Changelog

FAQ

Twingate Trust Center

HIPAA Compliance

PCI Compliance

SOC 2 Report

Responsible Disclosure Policy

GDPR Compliance

The General Data Protection Regulation 2016/679 (GDPR) is a European Union regulation that concerns the processing and handling of personal data.

Twingate complies with GDPR where it is applicable to Twingate’s data processing activities. We recognize that GDPR compliance is a continuous process, and therefore Twingate has a GDPR compliance program to ensure that we maintain compliance on an ongoing basis.

Twingate processes personal data as both a data controller and data processor.

Data Controller

Twingate processes certain personal data as a controller, as described in our Privacy Policy. Twingate has developed practices, processes, policies and documentation to comply with GDPR, such as:

providing privacy notices where required
implementing procedures to process requests to exercise data subject rights
implementing appropriate security measures to safeguard personal data
ensuring third party processors we use process data in accordance with GDPR, including by performing security due diligence and ensuring appropriate contractual terms are in place

Data Processor

Twingate supports customers who are required to comply with GDPR, whether as a controller or a processor.

Twingate helps businesses to provide their workforces with secure access to private technology resources and only collects limited amounts of personal data from customers. Our commitments to customers concerning the handling of personal and other customer data are described in our Customer Agreement.

For customers who need to comply with GDPR, our agreements with customers include a data processing addendum. As a U.S. company, Twingate relies on the Standard Contractual Clauses to support the transfer of personal data from the EU to the U.S., and the UK’s International Data Transfer Addendum to support the transfer of personal data from the UK to the U.S. where compliance with the UK GDPR is required.

Twingate & Customer Data

For general information about the types of customer data Twingate processes and how it processes such data, see Twingate & Customer Data.

Last updated 2 months ago

Home

Guides

Use Cases

VPN Replacement

Infrastructure Access

Device Security Controls

Application Gating

Homelab & Personal Use Cases

Internet Security

Compliance

Architecture

How Twingate Works

How DNS Works with Twingate

Twingate vs. VPNs

Twingate vs. Mesh VPNs

Peer-to-peer Communication

API

Getting Started with the API

Schema

Twingate Labs ↗

managing twingate

Quick Start

Automated Deployment

Connectors

Understanding Connectors

Deploying Connectors

Best Practices

Updating Connectors

Advanced Connector Management

Resources

Remote Networks

Aliases

Team

Users

Groups

Identity Providers

Security Policies

Policy Guides

Two-Factor Authentication

Devices

Client Application

Managed Devices

Device Administration

Services

Headless Clients

CI/CD Configuration

Analytics

Network Overview

Audit Logs

Network Traffic

User Activity

Syncing Data to AWS S3

Internet Security

DNS Filtering

DNS-over-HTTPS (DoH)

Internet Security Client Configuration

Administration

Admin Console Security

Subscription Management

Managed Service Providers

Cancel Your Subscription

additional resources

Help Center ↗

Changelog

FAQ

Twingate Trust Center

GDPR Compliance

HIPAA Compliance

PCI Compliance

SOC 2 Report

Responsible Disclosure Policy

VPN Replacement

Infrastructure Access

Device Security Controls

Application Gating

Homelab & Personal Use Cases

Internet Security

Compliance

How Twingate Works

How DNS Works with Twingate