European Union Flags

Prestavi is GDPR compliant.

Prestavi is committed to compliance with the General Data Protection Regulation (GDPR). Your privacy rights are very important to us. We’ve devoted significant resources towards our efforts to comply with the GDPR.

How we've prepared

We created internal policies for the protection of personal data within Prestavi.

All team members receive training regarding data protection and the GDPR.

All team members are subject to confidentiality obligations concerning personal data.

We identified the personal data that we process and established the lawful basis of processing under the GDPR.

We updated our Privacy Policy and Terms of Service to reflect our compliance with the GDPR.

Our support team is able and ready to fulfill data subject requests promptly.

As a controller, we’ve put in place data processing contracts with processors.

By default, we plan for data protection in new or changed services and systems.

Support for international data transfers by executing Standard Contractual Clauses through our Data Processing Addendum.

We monitor the guidance around GDPR compliance from regulatory bodies and make changes on our end as needed.

Upon request, we will delete all of your information from our systems.

Our role in GDPR compliance

Prestavi acts both as a Data Controller and as a Data Processor.

As a Data Controller, you’re responsible for protecting the data of your employees and customers as they interact directly with services integrated with Prestavi.

As a Data Processor, we are responsible for protecting our customer’s and partner’s data as it moves through our systems.

Your data rights

The right to be informed

You have the right to know what and how we collect and use your data. This privacy policy provides all of the details about that information.

The right of access

You have the right to access your personal data (commonly referred to as subject access). If you suddenly stop paying for your subscription, we have the right to prevent access to your account until you pay any balance owed.

The right of rectification

You have the right to have inaccurate personal information be corrected.

The right of erasure

You have the right to have your personal data erased, known as the Right to be Forgotten, subject to certain limitations under applicable law. If you request that any of your data be deleted, we will effectively close your account and delete all of your data within our possession and, by extension, all of our service providers within thirty days.

The right to restrict processing

You have the right to request the restriction of your data under certain circumstances, such as to opt-out of our email marketing lists.

The right to data portability

You have the right to obtain the personal information we have about you and transfer it to another service provider.

The right to object

You have the right, in certain situations, to object to how or why your personal information is processed.

The right not to be subjected to automated decision-making

You have the right to object and prevent any decision that could have a significant consequence on you made solely based on an automated process. This right is limited if the decision is necessary for performance of any contract between you and us, is allowable by applicable law, or is based on your explicit consent.

The right to complain

You have the right to complain to the appropriate supervisory authority regarding the handling of your personal information. If you have a complaint about our use of your information, we would prefer that you to contact us directly in the first instance so that we can address your complaint. If you are in the European Union, you can file a complaint on the EDPS website found here.

Data Processing Addendum

Our Data Processing Addendum (DPA) sets out the data protection, security, and confidentiality requirements for the processing of personal data needed to provide you with service.

Download Data Processing Addendum

Subprocessors

Prestavi uses third-party subprocessors, such as cloud computing providers and help desk software, to provide our services. We enter into data processing agreements including GDPR Standard Contractual Clauses with each subprocessor.

View our subprocessors

Questions? We have answers.

For any questions related to our GDPR compliance, please reach out to us at gdpr@prestavi.com