airSlate and GDPR

airSlate’s goal is to enable our customers to automate their business workflows while processing the data of EU data residents in a GDPR compliant way.
Schedule demo
What is GDPR?

GDPR went live on May 25th, 2018. It became known as a global standard in protecting the privacy rights of individuals when it comes to handling the personally identifying information of EU residents.

The General Data Protection Regulation (GDPR) applies to both organizations operating within the European Union and organizations that offer goods or services to customers or businesses in the EU. The Regulation provides a single set of rules for protecting the personal data of all EU residents and visitors. In replacing the 1995 Data Protection Directive and increasing the bar on data protections in the EU, the GDPR’s primary objectives are to:

  • Establish personal data protection as a fundamental human right, including the individual’s right to access, correct, erase, or port their own personal data.
  • Strengthen the baseline requirements and responsibilities for ensuring personal data protection.
  • Provide a standardized application for data protection rules across the EU, thereby facilitating the legitimate flow of personal data within and beyond the EU and European Economic Area (EEA).

The GDPR lays out seven key principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability
What are the steps airSlate is taking to be GDPR compliant?

airSlate is a global organization that processes data on behalf of customers from around the world, including the EU. airSlate’s primary site for data hosting is located in the USA. However, some of our products may offer alternative hosting options. To inquire about using alternative hosting locations, please contact our team at support@airslate.com.

Data protection commitment

The airSlate team is dedicated to protecting the data that we process on behalf of our customers.

Our existing certifications and long-standing commitment to privacy frameworks have prepared us for complying with GDPR in a number of ways, including but not limited to:

  • Heavy continuous investments into a strong security infrastructure and relevant security certifications
  • A Dedicated Security Team
  • Minimizing data collection and ongoing reviews and limitations of data access inside an organization
  • Careful vetting of suppliers, subprocessors, and partners
  • Keeping a close eye on changes in GDPR and other international standards for privacy and data protection
  • Staying up-to-date with relevant contractual terms
  • Continuous assessment of data breach risks and best practices for managing them
EU-U.S Data Privacy Framework Program

airSlate participates in EU-U.S Data Privacy Framework program to ensure a secure and compliant international transfers of personal data.

Contractual Obligations

Pursuant to GDPR, airSlate applies the appropriate safeguards to all data transfers outside the EU. Our Privacy Notice incorporates the Data Processing Addendum: it is based on the relevant Standard Contractual Clauses aproved by the European Commission and describes the technical and organizational measures we implement to ensure the safety of personal data. Our Privacy Notice also explains what kind of data airSlate collects, how we use it, and provides the contact information for inquiries related to data privacy.

Customer rights

Additionally, we are prepared to address any requests made by our customers related to their expanded individual rights under the GDPR. You may also contact airSlate at any time if you have specific questions about how you can exercise your data subject rights.

  • Right to be informed: Our Terms of Service and Privacy Policy describe the kinds of data we collect, process, and store. You are encouraged to read and agree to the Terms of Service and Privacy Policy before signing up for airSlate.
  • Right to access: Our Privacy Policy describes what data we collect and how we use it. If you have specific questions about particular data, you can contact us at support@airslate.com for further information.
  • Right to rectification: You may access and update your airSlate account settings at any time to correct or complete your account information.
  • Right to be forgotten: You may terminate your airSlate account at any time and we will permanently delete your account and all data associated with it.
  • Right to restriction of processing: You may restrict or pause data processing by contacting us to submit your request.
  • Right to data portability: We offer users the ability to export their personal data to a third party.
  • Right to object: You may opt-out of your personal data processing by contacting us to submit your request.
  • Right to avoid automated decision-making: airSlate respects user’s rights to not be subject to automated decision-making.

Ready to get started?

Contact us to learn how airSlate can benefit your organization.
Talk to Sales