Important Notice: ElephantSQL is shutting down. Read all about it in our End of Life Announcement

Information Regarding Changes to our Contracts and Policies

Written by Anna Burman

Soon it will be three years since the GDPR was legally enforced. Since then, ElephantSQL has become both SOC 2 Type 2 and HIPAA compliant, our GDPR Compliance Program has expanded, and our processes concerning our customers' privacy have been further enhanced.

As a part of our work to enhance our processes, we have reviewed our contracts and decided to incorporate our Data Processing Agreement (DPA) as an appendix to our Terms of Service. This means that all our customers can feel confident that a DPA governs personal data processing where applicable, without any additional engagement than accepting our Terms of Service.

Our customers can feel confident that, no matter what data center they choose for a server, their data is processed and protected according to international data transfer mechanisms following GDPR’s requirement for secure processing.

As far as our customer data is concerned, our updated Privacy Policy no longer amends the Terms of Service, and acts as a standalone policy, informing our customers on how we handle their data.

If you are one of our customers, please do the following:

  • Review our new Terms of Service, which incorporates our DPA, and Program Policies. It will go into force by April 7 2021, any usage of our services after that date is bound by the new agreements.
  • Review our Privacy Policy.

If you have any questions about our contractual process or GDPR compliance in general, feel free to contact us at We also have some information available on our GDPR Compliance page.