The General Data Protection Regulation 2016/679 (GDPR) is a European Union regulation that concerns the processing and handling of personal data.
Twingate complies with GDPR where it is applicable to Twingate’s data processing activities. We recognize that GDPR compliance is a continuous process, and therefore Twingate has a GDPR compliance program to ensure that we maintain compliance on an ongoing basis.
Twingate processes personal data as both a data controller and data processor.
- providing privacy notices where required
- implementing procedures to process requests to exercise data subject rights
- implementing appropriate security measures to safeguard personal data
- ensuring third party processors we use process data in accordance with GDPR, including by performing security due diligence and ensuring appropriate contractual terms are in place
Data Processor Twingate supports customers who are required to comply with GDPR, whether as a controller or a processor.
Twingate helps businesses to provide their workforces with secure access to private technology resources and only collects limited amounts of personal data from customers. Our commitments to customers concerning the handling of personal and other customer data are described in our Customer Agreement.
For customers who need to comply with GDPR, our agreements with customers include a data processing addendum. As a U.S. company, Twingate can also enter into Standard Contractual Clauses (Controller to Processor) to support the transfer of personal data from the EU to the U.S., as well as the UK to the U.S. where compliance with the UK GDPR is required.
Last updated 2 hours ago