• Important GDPR notice for Bitrix24 users from the European Union

    Yuliya Skorobogatova 24 May 2018
    1-02.png
    GDPR is an important piece of legislation that regulates personal data processing for the residents of the European Union. It comes into effect on May 25, 2018. You can learn more about GDPR in this Wikipedia article.

    We’ve updated all our services to make sure they meet GDPR guidelines. If your organization is located in the European Union and you are using Bitrix24, be aware of the following changes:

    Data Processing Agreement and updated Privacy Policy

    We’ve added the Data Processing Agreement to our websites. Simply print the signed DPA and add your company information. The agreement comes into effect when your Bitrix24 account administrators provide all necessary information in the account settings (GDPR Compliance section) for our records keeping.

    Data hosting

    It’s important to understand that Bitrix24 accounts can be hosted inside and outside the European Union, depending on which Bitrix24 domain you’ve chosen. It’s a common misconception that GDPR requires you to host your data inside the EU. That’s not the case. However, GDPR requires to notify the EU residents about international data transfers when they happen. Still, we recommend that our European clients use Bitrix24.eu, Bitrix24.de, Bitrix24.pl or Bitrix24.fr accounts just to be on the safe side, because these accounts are hosted in AWS data centers in Frankfurt, Germany, which are fully GDPR compliant. Bitrix24.com, Bitrix24.es and Bitrix24.com.br data is stored in the United States. Also, keep in mind that commercial Bitrix24 users can submit helpdesk requests to transfer their data from one data center to another (EU to US or the other way around).

    GDPR compliance for your employees and clients

    If your business resides in the EU or works with the EU customers, you are required to meet all GDPR requirements as well. When using Bitrix24 CRM web forms and our live chat widget, you need to activate the option that asks for consent of personal data processing or contact your regional Bitrix24 partner to help you with that. Likewise, your employees or your clients from the European Union, whose data you store in Bitrix24, have all the same GDPR rights (right to erasure, right to access, etc.). We’ve added two marketplace apps that allow you to delete, anonymize or port out personal data for Bitrix24 users (employees) and CRM records.

    If you have any questions or need assistance, don’t hesitate to contact our customer support.
3,000,000+
organizations
are already using Bitrix24