GDPR & UK GDPR Compliance

On May 25, 2018, the EU’s General Data Protection Regulation (GDPR) went into effect, establishing new global privacy rights for individuals in the European Union. Since then, the United Kingdom has adopted a parallel privacy framework known as UK GDPR following its departure from the EU.

At BugSplat, we take your data privacy seriously. We’ve worked hard to meet and exceed the obligations set out in both the EU GDPR and the UK GDPR.


BugSplat as a Data Processor

BugSplat operates as a processor on behalf of our customers, who act as controllers of their end-user data. We only process data as instructed by our customers and in accordance with applicable data protection laws.


What We’ve Done to Comply with the GDPR & UK GDPR

Company-Level Actions

  • Consulted with external counsel to understand how both EU and UK GDPR affect BugSplat and our users

  • Reviewed and updated our Data Processing Agreement (DPA) to reflect:

    • The latest EU Standard Contractual Clauses (SCCs)

    • The UK Addendum for data transfers from the United Kingdom

  • Audited all vendors and subprocessors and signed DPAs where required

Product-Level Changes

  • Give customers the option to automatically obfuscate personally identifiable information (PII) such as usernames, email addresses, and IP addresses

  • Added a consent checkbox to crash dialog forms for end-users to voluntarily provide crash data

  • Provide tooling to allow customers to permanently delete specific users, email addresses, or IPs from all crash reports


Our Data Processing Agreement (DPA)

Our DPA reflects the requirements under both the EU GDPR and UK GDPR, including SCCs and the UK Addendum for international data transfers.

If you'd like to review or sign our DPA, please contact us at [email protected].

Additional Information

For more info about BugSplat and GDPR please see our Security page and our Privacy Policy.

Last updated

Was this helpful?