Skip to main content
All CollectionsSupport GuideSecurity & Privacy
Sitemate Security, SOC-2 and GDPR Information
Sitemate Security, SOC-2 and GDPR Information

GDPR Compliance

Hartley Pike avatar
Written by Hartley Pike
Updated over a week ago

SOC-2 Certification

Sitemate is certified for SOC-2.

Auditor: Sensiba LLP

Date of certification: As of October 25, 2023

Please read more about SOC-2 here: https://www.checkpoint.com/cyber-hub/cyber-security/what-is-soc-2-compliance/

General Data Protection Regulation (GDPR)

What is the GDPR?

The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of “personal data” and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.

These laws affect Sitemate since they apply to our Dashpivot customers and users who reside in the EU. The rights introduced for users are outlined below - as best practice we honour these requests to all our customers and users:

  • Right to Access and Data Portability - we can provide an export of the personal data we have collected about you. To make a request, email us at compliance@sitemate.com

  • Right to Erasure - we can delete the personal data we have collected about you, for instance if you wanted to unsubscribe from Dashpivot or delete your account. To make a request, email us at compliance@sitemate.com

Important Note: For security reasons, to authenticate these request (so we know it's really you who is making the request), we may call you to verify, and email you the export your account email address.

California Consumer Privacy Act (CCPA)

What is the CCPA?

Similarly to the GDPR, in California (USA) introduced data privacy laws which came into effect on 1st January 2020, known as the CCPA. In short, the CCPA is designed to ensure that users have visibility and control over the ways businesses use and share their data.

The CCPA laws do not affect Sitemate since we do not sell your personal data to other third parties and do not fit the revenue profile. However, as best practice we do honour the same relevant rights outlined in the CCPA to all our customers and users, noted below:

  • Right to know - we can provide an export of the personal data we have collected about you. To make a request, email us at compliance@sitemate.com

  • Right to delete - we can delete the personal data we have collected about you, for instance if you wanted to unsubscribe from Dashpivot or delete your account. To make a request, email us at compliance@sitemate.com

Important Note: For security reasons, to authenticate these request (so we know it's really you who is making the request), we may call you to verify, and email you the export your account email address.

NIST Cybersecurity Framework (CSF)

Sitemate also follows NIST cybersecurity framework which provides a set of standards for organisations to use to improve their cybersecurity posture.

Learn more about NIST Cybersecurity Framework here: https://www.cisco.com/c/en/us/products/security/what-is-nist-csf.html

Did this answer your question?