At the Contentment Foundation, we've been preparing for GDPR to ensure that we fulfill obligations and maintain our transparency about how we use data.

What’s GDPR?   

The EU General Data Protection Regulation (“GDPR”) is a new comprehensive data protection law, coming into effect on May 25, 2018. It will replace existing EU Data Protection law in order to strengthen the protection of “personal data” and the rights of the individual. GDPR will be a single set of rules which govern the processing and monitoring of data.

Does it affect me? 

If you hold or process the data of any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.

How is Contentment Foundation preparing for GDPR?

Our teams have been working to define our GDPR roadmap. This is a large overhaul of processes and data models to make sure we’re meeting our legal obligations and doing the best thing for our customers.

Inquire about Privacy Management to request your information or to request to be deleted.

Data Processing Agreements (DPAs): 

Strong data protection commitments are a key part of GDPR’s requirements. Our data processing agreement will reflect our privacy commitments and the Contentment Foundation terms. This will be soon available for customers to sign upon request.

International Data Transfers: 

The EU-US Privacy Shield is a framework negotiated and agreed by the European Commission and U.S. Department of Commerce as a lawful way of transferring personal data. We're working our way through it's certification process for international data transfers.

Data Protection Officer 

We’re looking for a dedicated Data Protection Officer to oversee and advise on our data management.

We’re coordinating with our vendors

We’re reviewing all our vendors, finding out about their GDPR plans and arranging similar GDPR-ready data processing agreements with them.

We’re taking new security measures

Security is a priority for us. We’ve built a robust security framework, working towards International Compliance standards (SOC2 and Privacy Shield) and reviewing our internal access design to ensure the right people have access to the right level of customer data. More details are available on our Security page. 

Getting Updates to Vendor Updates

To subscribe to changes about the subcontractors we use, please click this link and fill in your email address and we will notify you within 10 days once this list changes.


Feel free to reach out to us if you have any questions about GDPR.

Did this answer your question?