Help > GDPR

Is SignUpAnywhere compliant?

We know what data we store, we know where it exists, where it is held, how it is managed and who has access to it.

Data Protection Officer

Mike Brear is responsible for staff training, quarterly internal audits and notifying our EU GDPR supervisory authority within 72 hours in the unlikely event of a data breach. You can contact Mike on mike@signupanywhere.com if you have any questions relating to GDPR.

Security & Infrastructure

All SignUpAnywhere data is encrypted over HTTPS with an industry-standard 2048 bit SSL certificate. Respondent data is encrypted as it is sent to the server, and then encrypted when accessed, so it can’t be intercepted (e.g. over insecure WiFi). Data deleted from your account will be removed from the system and, for the sake of privacy and security, is unrecoverable.

Our servers are located in high-security ISO 27001 and ISO 9001 compliant data centers in the UK and Ireland. The facilities have state-of-the-art cooling, power, security and network capabilities. We go to great lengths to ensure that your data is secure. All databases are password protected and firewalled to prevent outside access, and our servers are regularly security patched to minimise the risk of intrusion.

We take data security very seriously and our security policy has been developed by our team to align with ISO 27001.

We use Stripe as our payment provider and their ongoing commitment to compliance with European data protection laws is outlined on their website.