The General Data Protection Regulation 2016/679 (GDPR) is a European Union regulation that concerns the processing and handling of personal data.
Twingate complies with GDPR where it is applicable to Twingate’s data processing activities. We recognize that GDPR compliance is a continuous process, and therefore Twingate has a GDPR compliance program to ensure that we maintain compliance on an ongoing basis.
Twingate processes personal data as both a data controller and data processor.
- providing privacy notices where required
- implementing procedures to process requests to exercise data subject rights
- implementing appropriate security measures to safeguard personal data
- ensuring third party processors we use process data in accordance with GDPR, including by performing security due diligence and ensuring appropriate contractual terms are in place
Twingate supports customers who are required to comply with GDPR, whether as a controller or a processor.
Twingate helps businesses to provide their workforces with secure access to private technology resources and only collects limited amounts of personal data from customers. Our commitments to customers concerning the handling of personal and other customer data are described in our Customer Agreement.
For customers who need to comply with GDPR, our agreements with customers include a data processing addendum. As a U.S. company, Twingate relies on the Standard Contractual Clauses to support the transfer of personal data from the EU to the U.S., and the UK’s International Data Transfer Addendum to support the transfer of personal data from the UK to the U.S. where compliance with the UK GDPR is required.
Twingate & Customer Data
For general information about the types of customer data Twingate processes and how it processes such data, see Twingate & Customer Data.
Last updated 8 hours ago