Yes! Canny is fully committed to upholding compliance with GDPR.
What is GDPR?
The GDPR (General Data Protection Regulation) is a new comprehensive data protection law that has been in effect since May 25, 2018. It replaced existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It is a single set of rules which govern the processing and monitoring of EU data.
GDPR Compliance Questions
What personal data is collected?
Your team member names and email addresses.
Your customer data including, but not limited to, names, email address.
Where is data stored and processed?
All data is stored in the United States (with MongoDB Atlas on AWS) and processed with Amazon Web Services (AWS).
It is a common misconception that EU data residency is a requirement of GDPR, but rest assured, we work with multiple EU companies and all data is handled in compliance.
Our DPA includes the Standard Contractual Clauses (SCC), which are accepted as an appropriate safeguard for personal data transfers to non-EEA countries. You can see this same information stated on many websites hosted by legal/data privacy experts, including the official website of the EU.
Do you enter into Data Processing Agreements (DPA)?
Yes. We do offer a standard DPA here at Canny and would be happy to countersign via DocuSign. If you prefer a customized DPA, that does require legal review. Please reach out and start a chat for further details.
What third-parties do you share data with?
Name and Address | Purpose | Applicable Safeguards |
Amazon Web Services 440 Terry Ave N Seattle, WA 98109 | Data Storage & Processing | DPA Signed |
Intercom | Email & Customer Support | DPA Signed |
Stripe 510 Townsend Street San Francisco, CA 94103 | Payments | DPA Signed |
Google Analytics | Analytics | DPA Signed |
Mixpanel | Analytics | DPA as part of TOS |
Amplitude 631 Howard Street, Floor 5 San Francisco, CA 94105 | Analytics | DPA Signed |
FullStory 1745 Peachtree St. NW Ste G Atlanta, GA 30309 | Analytics | DPA Signed |
ProftWell | Analytics | DPA Signed |
MongoDB 1633 Broadway 38th Floor New York, NY 10019 | Data Storage | DPA as part of TOS |
Sentry | Error Handling | DPA Accepted |
Mailgun | DPA Signed | |
Hotjar St. Julians Business Centre, Level 2 3 Elia Zammit Street St. Julians STJ 1000, Malta | Analytics | DPA Signed |
How do I exercise my GDPR rights as a data subject?
You can contact us directly via live chat or send an email to privacy@canny.io
What are your company details?
Canny is operated by Canny Inc. Our mailing address is:
831 N Tatnall St Suite M #140
Wilmington, DE 19801
USA
See more details on our Privacy Policy.