GDPR Compliant from Head to Toe

At PhishingBox, we are committed to ensuring the security and protection of the personal information that we process. Our GDPR preparations have included a comprehensive review of relevant internal processes, procedures, and documentation.

Additionally, we have and continue to actively develop and implement data protection policies, procedures, controls, and security measures for GDPR compliance. Some of the key components are outlined below.

Data Processor

We process data based on the instructions of the controller (i.e. the customer). As a controller, our clients can request approved standard contractual clauses be established.

Standard Contractual Clauses

PhishingBox has adopted the Standard Contractual Clauses (SCCs) to assist our partners and customers with GDPR compliance. Email privacy@phishingbox.com for our SCCs.

Privacy Policy

Privacy is a concern for organizations. Our Privacy Policy outlines how we handle information provided by our customers, their contacts, and visitors to our site.

Data Transfers

We are located in the U.S. GDPR compliant data transfers are conducted via the standard contractual clauses (SCCs).

Security Program

We maintain a robust information security program. Key highlights of the security program our outlined in our Security Summary.

EU Instance

PhishingBox has established an instance of the platform in the European Union. Learn more about the EU instance at here.