GDPR & UK GDPR Compliance
On May 25, 2018, the EU’s General Data Protection Regulation (GDPR) went into effect, establishing new global privacy rights for individuals in the European Union. Since then, the United Kingdom has adopted a parallel privacy framework known as UK GDPR following its departure from the EU.
At BugSplat, we take your data privacy seriously. We’ve worked hard to meet and exceed the obligations set out in both the EU GDPR and the UK GDPR.
BugSplat as a Data Processor
BugSplat operates as a processor on behalf of our customers, who act as controllers of their end-user data. We only process data as instructed by our customers and in accordance with applicable data protection laws.
What We’ve Done to Comply with the GDPR & UK GDPR
Company-Level Actions
Consulted with external counsel to understand how both EU and UK GDPR affect BugSplat and our users
Reviewed and updated our Data Processing Agreement (DPA) to reflect:
The latest EU Standard Contractual Clauses (SCCs)
The UK Addendum for data transfers from the United Kingdom
Audited all vendors and subprocessors and signed DPAs where required
Product-Level Changes
Give customers the option to automatically obfuscate personally identifiable information (PII) such as usernames, email addresses, and IP addresses
Added a consent checkbox to crash dialog forms for end-users to voluntarily provide crash data
Provide tooling to allow customers to permanently delete specific users, email addresses, or IPs from all crash reports
Our Data Processing Agreement (DPA)
Our DPA reflects the requirements under both the EU GDPR and UK GDPR, including SCCs and the UK Addendum for international data transfers.
Additional Information
Last updated
Was this helpful?