Rooted in SmartSuite's ethos of product development and customer service is an unwavering dedication to privacy and security. We consistently reassess our operations to guarantee the safety of your data. Complying with Europe’s General Data Protection Regulation (GDPR) is a responsibility we take seriously, and we are always ready to help our customers meet these standards.

For additional information on our customer data security and privacy practices please refer to our Global Privacy Policy.

GDPR stands for the General Data Protection Regulation. It is a comprehensive data protection law that was implemented in the European Union (EU) in May 2018. The GDPR replaced the previous Data Protection Directive and introduced stronger data protection regulations and expanded rights for individuals.

The primary goal of the GDPR is to enhance the privacy and protection of personal data of EU residents. It applies to organizations, both within and outside the EU, that process personal data of individuals located in the EU. The regulation applies to various entities, including businesses, government agencies, and nonprofit organizations, regardless of their location, if they handle personal data of EU residents.

SmartSuite offers Data Processing Agreements (DPAs) to customers upon request. SmartSuite's DPA incorporates standard contractual clauses ("Model Clauses") as a means of facilitating GDPR-compliant data transfers. To request a DPA, please contact our sales team.

Kindly note that our DPA is specifically tailored to SmartSuite's service offerings, and modifications to the DPA language are limited to qualified Enterprise accounts.

SmartSuite servers are located in the US and hosted by AWS using servers based in their Ohio region (US-East-2). If you’d like a deeper understanding of how SmartSuite manages customer data and privacy, you can read more in our Global Privacy Policy.

If you have further questions, please reach out to our sales team.