Soon it will be three years since the GDPR was legally enforced. Since then, ElephantSQL has become both SOC 2 Type 2 and HIPAA compliant, our GDPR Compliance Program has expanded, and our processes concerning our customers' privacy have been further enhanced.
As a part of our work to enhance our processes, we have reviewed our contracts and decided to incorporate our Data Processing Agreement (DPA) as an appendix to our Terms of Service. This means that all our customers can feel confident that a DPA governs personal data processing where applicable, without any additional engagement than accepting our Terms of Service.
Our customers can feel confident that, no matter what data center they choose for a server, their data is processed and protected according to international data transfer mechanisms following GDPR’s requirement for secure processing.
If you are one of our customers, please do the following:
- Review our new Terms of Service, which incorporates our DPA, and Program Policies. It will go into force by April 7 2021, any usage of our services after that date is bound by the new agreements.
If you have any questions about our contractual process or GDPR compliance in general, feel free to contact us at firstname.lastname@example.org. We also have some information available on our GDPR Compliance page.