Missive is compliant with the EU General Data Protection Regulation [GDPR].
Article 1. Subject-matter and objectives
General Data Protection Regulation
- This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
- This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
- The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.
Here are some of the processes and practices we have in place to protect our users’ data:
Privacy by Design 32
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of personal data, username, password, transaction information and data stored on our servers.
Sensitive and private data exchanges between Missive and its users happen over a TLS secured communication channel (also known as SSL) and is encrypted and protected with digital signatures. All personal data stored on our servers is encrypted at rest.
We’ve partnered with various providers to offer a reliable service. All of our partners have a great security track record, take personal data privacy seriously, and are fully compliant with GDPR. We have signed a Data Processing Agreement (DPA) with each of them.
To be fully transparent, here is the complete list of providers who come in direct contact with our users’ personal data:
|Name||Services||Location||GDPR compliance||DPA signed with Missive|
|Heroku||Web servers, database||🇺🇸||Read more||✅|
|AWS||File hosting, CDN, secrets management||🇺🇸||Read more||✅|
|Rollbar||Error reporting||🇺🇸||Read more||✅|
|Stripe||Payment processing||🇺🇸||Read more||✅|
|Librato||Infrastructure monitoring||🇺🇸||Read more||✅|
|Canny||Customer feedback, public roadmap||🇺🇸||Read more||✅|
|Postmark||Transactional emails||🇺🇸||Read more||✅|
|Campaign Monitor||Newsletters||🇦🇺||Read more||✅|
Subscribe to this RSS feed to be notified of new subprocessors.
Our users have the right to access, correct, export and delete their personal data. They may request an export of their personal data (structured and machine readable format) by contacting us at email@example.com. We will respond to and proceed with requests within 30 days.
Please refer to How to delete my Missive user account? for detailed steps to delete all your personal data from Missive. This self-served process is available at any time.
Data Processing Agreement
Our users can request a data processing addendum with us by contacting firstname.lastname@example.org.
This document was last updated on August 19, 2020.