Last updated: 6th November 2020
Goodkind complies with all GDPR mandated data security and privacy legislation.
- Payment processing: Goodkind uses Stripe or Blackbaud Merchant service to process payments, both are PCI Level 1 Service Providers.
- Data Protection: Goodkind’s Lead Developer serves as our DPO (data protection officer).
- Privacy Policy: Goodkind’s privacy policy is embedded our terms of service.
- Data Processing Flows: Goodkind can provide a record of data processing flows on request.
- 3rd Party Compliance: All Goodkind vendors are vetted prior to any engagement to ensure GDPR compliance. Our vendors include Microsoft Azure & MongoDB.
- SSL: Goodkind has the most up-to date security certificates.
- Data Accessibility: Controls are in place to ensure differential access to client data among our internal teams.
- Data Storage Location: All data is stored in our client’s geographic zone preference (European data centre locations include: Ireland, UK South, The Netherlands, France, Germany).
- Data Processor: Goodkind is classified as a data processor per GDPR definition for your customer data.