Last updated: 6th November 2020

Goodkind complies with all GDPR mandated data security and privacy legislation.

  • Payment processing: Goodkind uses Stripe or Blackbaud Merchant service to process payments, both are PCI Level 1 Service Providers.
  • Data Protection: Goodkind’s Lead Developer serves as our DPO (data protection officer).
  • Privacy Policy: Goodkind’s privacy policy is embedded our terms of service.
  • Data Processing Flows: Goodkind can provide a record of data processing flows on request.
  • 3rd Party Compliance: All Goodkind vendors are vetted prior to any engagement to ensure GDPR compliance. Our vendors include Microsoft Azure & MongoDB.
  • SSL: Goodkind has the most up-to date security certificates.
  • Data Accessibility: Controls are in place to ensure differential access to client data among our internal teams.
  • Data Storage Location: All data is stored in our client’s geographic zone preference (European data centre locations include: Ireland, UK South, The Netherlands, France, Germany).
  • Data Processor: Goodkind is classified as a data processor per GDPR definition for your customer data.