GDPR Compliance

Protecting your data.

GDPR Compliance

GDPR Compliance

At PhishingBox, we are committed to ensuring the security and protection of the personal information that we process. Our GDPR preparations have included a comprehensive review of relevant internal processes, procedures, and documentation. Additionally, we have and continue to actively develop and implement data protection policies, procedures, controls, and security measures for GDPR compliance. Some of the key components are outlined below. 

Data Processor


We process data based on the instructions of the controller (i.e. the customer).  As a controller, our clients can request approved standard contractual clauses be established.  

Standard Contractual Clauses


PhishingBox has adopted the Standard Contractual Clauses (SCCs) to assist our partners and customers with GDPR compliance. Email for our SCCs.

Privacy Policy

How We USE Information

Privacy is a concern for organizations. Our Privacy Policy outlines how we handle information provided by our customers, their contacts, and visitors to our site.  

Data Transfers

Crossing borders

We are located in the U.S. GDPR compliant data transfers are conducted via the standard contractual clauses (SCCs).  

Security Program

Security is our business

We maintain a robust information security program. Key highlights of the security program our outlined in our Security Summary.  

EU Instance

Keep your data at home

PhishingBox has established an instance of the platform in the European Union. Learn more about the EU instance at here