Plume is committed to privacy and has implemented a GDPR compliance program. Here is an overview of the key steps Plume has taken to comply with the GDPR:
- Data processing agreements: When we act as a Data Processor, we ask our customers to sign our GDPR-compliant Customer Data Processing Addendum which contains provisions required by Article 28 of the GDPR. In addition, we ask vendors processing Personal Data on our behalf or on behalf of our customers to sign our GDPR-compliant Vendor Data Processing Addendum.
- Cross-border data transfers: We comply with applicable legal requirements providing adequate safeguards for the transfer of Personal Data from the EU, Switzerland, and the UK to other regions. In particular, we transfer Personal Information to countries for which adequacy decisions have been issued by the European Commission or use contractual protections for the transfer of Personal Data to third parties, such as the European Commission’s standard contractual clauses.
- Data Security: We have implemented appropriate technical and organizational measures to protect the security of EU Personal Data.
This page is not intended to describe Plume’s processing of non-EU Personal Data. It is also not intended to provide legal advice. Please seek appropriate legal advice to ensure that your company complies with the requirements of the GDPR.