Codeex

GDPR Policy

Codeex is GDPR Ready

At Codeex, nothing is more important than the success of our clients and the protection of their personal data. With a global client base, we are fully aligned with the General Data Protection Regulation (GDPR). This regulation expands the privacy rights of individuals in the European Union and imposes obligations on organizations that process their personal data.

Whether your company is based in the EU or offers goods or services to EU residents or monitors their behavior, GDPR likely applies to you. At Codeex, we’re committed to helping our customers meet these requirements effectively and responsibly.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data privacy regulation passed by the European Union in 2016. It applies to any organization that collects or processes personal data of EU individuals and meets specific territorial criteria.

The GDPR strengthens the protection of personal data and introduces a framework that organizations must follow when collecting, storing, using, or sharing this data. “Personal data” under the GDPR is defined broadly and includes virtually any data related to an identifiable individual.

When Did GDPR Go Into Effect?

GDPR compliance became mandatory on May 25, 2018. Any organization collecting or processing EU individuals’ personal data must be in full compliance.

Controllers and Processors

Under the GDPR, a data controller determines how and why personal data is processed, while a data processor acts on behalf of the controller.

  • Codeex functions as a data processor.
  • Our customers (organizations using our platform) act as data controllers.

As a controller, the customer must ensure that their processors (like Codeex) are GDPR compliant. Processors, in turn, are required to maintain records of processing activities and comply with strict security standards.

Codeex’s GDPR Readiness Measures

We embrace the principles of GDPR and continuously ensure our services uphold the highest standards of data protection and privacy. Our GDPR readiness initiative includes the following steps:

  • Strengthened our security infrastructure, including encryption in transit and at rest, advanced logging, alerts, and backups.
  • Conducted risk assessments and data mapping to ensure all personal data is processed in accordance with GDPR guidelines.
  • Established comprehensive data processing agreements with all our customers.
  • Implemented internal policies and recurring training to ensure ongoing employee awareness and compliance.
  • Revised our Terms of Use and Privacy Policy to reflect GDPR requirements.
  • Conducted due diligence on sub-processors to verify their compliance.
  • Appointed a Data Protection Officer (DPO).
  • Released product features for:
    • User profile deletion: Admins can permanently delete personal data at user request.
    • Account deletion: Admins can choose whether to retain or permanently delete account data upon cancellation.

We continue to monitor GDPR guidance and update our practices accordingly.

Data Processing Agreement (DPA)

Codeex provides a Data Processing Agreement (DPA). It can be viewed and downloaded it from our website. For a signed version, please email your signed copy to [email protected], and we’ll return a countersigned version.

DPA Agreement Template >>

Data Protection Officer (DPO)

Codeex has an appointed Data Protection Officer to oversee the privacy program and serve as a contact point for supervisory authorities and data subjects.

Contact: [email protected]

Is Data Stored Outside the EU?

GDPR does not prohibit storing data outside of the EU as long as it is adequately protected. At Codeex, we use Amazon Web Services (AWS), Hostinger and other servers, all GDPR-compliant providers. We primarily use their EU-based data centers (Netherlands, Germany, France, etc.).

Learn More

Visit the official EU GDPR site for more detailed information: https://gdpr.eu

Need Help?

For any GDPR-related inquiries, feel free to contact us at: [email protected]