| title | description |
|---|---|
Privacy Regulation Reference |
Privacy laws are in a lot of flux. Here’s info you should know. |
The data privacy regulatory landscape is undergoing a lot of change. You probably have heard about the EU General Data Protection Regulation (GDPR) that went into effect on May 25, 2018. There are also other regulations in the works around the world. We’ve written up this reference document to put information about our compliance with privacy regulations in one place.
You can find our Privacy policy here.
- We are in compliance with the GDPR. We participate in the EU-US and Swiss-US Privacy Shield Framework to safeguard the transfer of personal data to the US.
- We are in the process of ensuring compliance with the California Consumer Privacy Act (CCPA) and have expanded your rights in our privacy policy accordingly.
- We are also watching and preparing for other legislation in the US and in other countries.
We will update this document as we ensure compliance with other regulations.
We are not HIPAA-compliant and currently do not have plans to become so.
Increasingly, privacy regulations require processing of personal data be governed by a data processing addendum (DPA) that is compliant with those regulations.
We provide a standard Data Processing Addendum (DPA) that is GDPR-compliant to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed. If you use our products to process any EU personal data, you need to enter into GDPR-compliant data processing agreements with any online services and third party vendors you rely on, including Basecamp, LLC.
Basecamp participates in the EU-US and Swiss-US Privacy Shield Framework to safeguard the transfer of personal data to the US, meeting the GDPR requirement for adequate data protection laws.
Basecamp uses third party subprocessors, such as cloud computing providers and customer support software, to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, and require the same of them.
You can see which subprocessors we use by application: