OnboardFlow and the General Data Protection Regulation (GDPR)

In 2016 the European Commission approved and adopted a new framework for European data protection law called the General Data Protection Regulation (GDPR). The GDPR requirements will become effective on May 25, 2018 and will affect all companies who process personal data of individuals in the EU.

Here at OnboardFlow we embrace the changes being brought in by this new regulation and see it as an opportunity to further improve how we communicate with you, use and share your data and fundamentally, how we place your privacy, security and rights at the forefront of everything that we do.

As both a data controller and processor, we have taken measures to ensure our compliance with the GDPR.

GDPR preparedness checklist

We have been working hard over the recent months to ensure compliance with the GDPR. Below is a high-level overview of the key activities we have performed:

  • Appoint a Data Protection Officer

  • Assess our product and business to determine areas impacted by GDPR

  • Conduct an internal audit to ensure that all third parties and suppliers used by OnboardFlow are GDPR compliant

  • Perform necessary changes to the platform (incl. easier to access communication preference controls, explicit acceptance of Terms and Privacy Policies on signup)

  • Update our Privacy Policy

  • Update our Terms & Conditions

  • Create a dedicated page to document our GDPR activities and compliance

  • Create a dedicated page to outline how we secure our customers data

  • Communicate our compliance with our customers

Frequently Asked Questions

As a Data Processor, our updated Terms & Conditions include the necessary data processing clauses. When we are acting as a Data Controller, the terms of our Privacy Policy will govern. If you specifically require a signed copy of our Terms &amp Conditions, then please contact [email protected] and we will send you a copy to sign.

Our server infrastructure is hosted by Amazon Web Services (AWS) - in their North Virginia (US) region. You can read more about our Security provisions and overview by heading to our Security section.

Please email us if you'd like to exercise your rights under GDPR. You can request to have your data deleted as well as request further information on how your data is being used - amongst other things.

We are continually auditing the third-party services that we use, in order to ensure that we are only making use of services that add value to OnboardFlow, the product and its customers. To view a full list of those that we use, please head over to our Privacy Policy.

If you have any further questions please don't hesitate to get in touch with us via our Support Chat or by emailing us on [email protected].

Invite Only

OnboardFlow is currenty invite only. Please contact us with any questions.