GDPR Compliance

The General Data Protection Regulation 2016/679 (GDPR) is a European Union regulation that concerns the processing and handling of personal data.

GDPR Compliance

Twingate complies with GDPR where it is applicable to Twingate's data processing activities. We recognize that GDPR compliance is a continuous process, and therefore Twingate has a GDPR compliance program to ensure that we maintain compliance on an ongoing basis.

Twingate processes personal data as both a data controller and data processor.

Data Controller
Twingate processes certain personal data as a controller, as described in our Privacy Policy. Twingate has developed practices, processes, policies and documentation to comply with GDPR, such as:

  • providing privacy notices where required
  • implementing procedures to process requests to exercise data subject rights
  • implementing appropriate security measures to safeguard personal data
  • ensuring third party processors we use process data in accordance with GDPR, including by performing security due diligence and ensuring appropriate contractual terms are in place

Data Processor
Twingate supports customers who are required to comply with GDPR, whether as a controller or a processor.

Twingate helps businesses to provide their workforces with secure access to private technology resources and only collects limited amounts of personal data from customers. Our commitments to customers concerning the handling of personal and other customer data are described in our Customer Agreement.

For customers who need to comply with GDPR, our agreements with customers include a data processing addendum. As a U.S. company, Twingate can also enter into Standard Contractual Clauses (Controller to Processor) to support the transfer of personal data from the EU to the U.S.


Did this page help you?