At PhishingBox, we are committed to ensuring the security and protection of the personal information that we process. Our GDPR preparations have included a comprehensive review of relevant internal processes, procedures, and documentation. Additionally, we have and continue to actively develop and implement data protection policies, procedures, controls, and security measures for GDPR compliance. Some of the key components are outlined below.
PhishingBox AS A PROCESSOR
We process data based on the instructions of the controller (i.e. the customer). As a controller, our clients are responsible to establish a data processing agreement. We provide such agreements for clients as requested.
Data Processing Addendum
PhishingBox has established a Data Processing Addendum (DPA) to assist our partners and customers with GDPR compliance. Email firstname.lastname@example.org for a copy of our DPA.
How We USE Information
We are located in the U.S. GDPR compliant data transfers are conducted via the standard contractual clauses in our DPA.
Security is our business
We maintain a robust information security program. Key highlights of the security program our outlined in our Security Summary.
Want to learn more
GDPR is comprehensive regulation. Visit the European Commission to learn more about data protection in the EU.