As May 25th approaches, HubSpot is staying focused on their GDPR compliance efforts. During this implementation period they are evaluating new requirements and restrictions imposed by the GDPR and are ready to take any action needed to ensure they handle personal customer data in compliance with applicable law.
HubSpot’s certification under the new EU-US Privacy Shield Framework, a program for the transfer of data between the EU and US, has also been confirmed by the US Department of Commerce.
The Changes Within HubSpot
Product Changes
HubSpot’s tech and security teams are working hard to make necessary changes to the HubSpot service. They will be providing updates up until the May 2018 deadline, setting out the steps they will be taking to ensure that both they and their product are compliant with the GDPR.
Legal Documentation
The HubSpot Legal team are also busy updating legal documentation (Customer Terms of Service, Data Processing Agreement & Privacy Policy) to reflect any product changes and include the mandatory Processor provisions required by the GDPR.
About GDPR & Transfers Outside the EU
HubSpot maintains a Privacy Shield certification with the US Department of Commerce. This ensures that sufficient protection is in place when personal data is transferred from the EU to the US. References to HubSpot’s Privacy Shield certification are included in both their Customer Terms of Service and Privacy Policy. HubSpot also offers a Data Processing Agreement that contains the EU-approved Model Clauses to certain EU/EEA based customers upon request.
To find out more please follow this link.