Missive and GDPR 🇪🇺

Missive is compliant with the EU General Data Protection Regulation [GDPR].

Article 1. Subject-matter and objectives

  • This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
  • This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
  • The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.
General Data Protection Regulation

Here are some of the processes and practices we have in place to protect our users’ data:

Privacy by Design 32

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of personal data, username, password, transaction information and data stored on our servers.

Sensitive and private data exchanges between Missive and its users happen over a TLS secured communication channel (also known as SSL) and is encrypted and protected with digital signatures. All personal data stored on our servers is encrypted at rest.

Subprocessors

We’ve partnered with various providers to offer a reliable service. All of our partners have a great security track record, take personal data privacy seriously, and are fully compliant with GDPR. We have signed a Data Processing Agreement (DPA) with each of them.

To be fully transparent, here is the complete list of providers who come in direct contact with our users’ personal data:

Name Services Location GDPR compliance DPA signed with Missive
 Heroku Web servers, database 🇺🇸 Read more
 AWS File hosting, CDN, secrets management 🇺🇸 Read more
 Rollbar Error reporting 🇺🇸 Read more
 Stripe Payment processing 🇺🇸 Read more
 Librato Infrastructure monitoring 🇺🇸 Read more
Canny Customer feedback, public roadmap 🇺🇸 Read more
Postmark Transactional emails 🇺🇸 Read more
Campaign Monitor Newsletters 🇦🇺 Read more

Subscribe to this RSS feed to be notified of new subprocessors.

Rights of the data subject 15 16 17 20 21

Our users have the right to access and export their personal data. Upon request, we will provide them with information about whether we hold any of their personal data. They may access (structured and machine readable format), correct, or request deletion of their personal data by contacting us at privacy@missiveapp.com. We will respond to and proceed with requests within 30 days.

Data Processing Agreement

Our users can request a data processing addendum with us by contacting privacy@missiveapp.com.

This document was last updated on June 04, 2018.