Salesroom complies with the General Data Protection Regulation (GDPR). All new vendors, assets and activities pertaining to processing personal data are subject to a review of privacy, security and compliance. We follow relevant processes for transfers of personal data outside the European Union/UK.
Information Commissioner's Office
Deletion of Data
Data Processing Agreement (DPA) and Standard Contractual Clauses (SCC)
Salesroom stores all data in the USA unless we have a vendor specifically located outside of the USA. Where applicable we have entered into, or are in the process of entering into Data Processing Agreements that relies on SCCs for the transfers that goes outside of the EU. You can read more about Subprocessors.
For companies based in Europe.
This Data Processing Agreement in the form of Standard Contractual Clauses is attached to and form part of Salesroom Inc Terms & Conditions (hereinafter referred to as the "Master Agreement") between the data exporter and data importer.
SCCs are standard sets of contractual terms and conditions which both the sender and the receiver of the personal data sign up to and ensure that the rights and freedoms of the individual are considered and upheld.
Standard Contractual Clauses (SCCs) are aimed at protecting personal data that is leaving the EEA and therefore to countries that do not have an adequacy decision, and therefore may not afford the same level of security to personal data. SCCs, through contractual obligation ensure data is protected to a level required under the GDPR.
When sending personal data from within the EEA to someone outside of the EEA then it is necessary to comply with the GDPR and the rules it sets out on international transfers of personal data.
For companies based in the USA.
This Data Processing Agreement (the “Agreement”) forms a part of Salesroom UK Ltd, a subsidiary of Salesroom Inc Terms & Conditions (the “Master Agreement”).