GDPR Statement

In May 2018, the EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).

Designed to minimise risks to sensitive information from the inception, DupZapper currently complies with applicable data protection regulations and is committed to GDPR compliance across its services. Amongst our product features facilitating GDPR compliance are following.

Pseudonymised Data Collection and Processing. All data collected and processed by DupZapper in pseudonymised form. Pseudonymisation occurs on customer side of the integration by assigning data subjects unique identifiers, ensuring DupZapper has no knowledge of real subject identities.

Private Data Processing. DupZapper never shares collected personal data with other clients. The data processing is performed on DupZapper servers located in the UK and the data is not shared with third-parties. When necessary, personal data can be collected and processed in a different jurisdiction upon request.

Complete Control of the Data. DupZapper provides API to retrieve all personal information that it collects for each data subject in raw form. This API can be integrated with customer’s system to respond to data subject requests automatically.

Data Retention. DupZapper is able to securely erase data subject’s personal information upon receiving request from the customer.