GDPR Compliance

Tightknit is GDPR compliant and we have made it a priority to protect your data.

What is GDPR?

The General Data Protection Regulation (GDPR) is a data privacy law introduced by the European Union. It grants EU residents rights over their personal data such as:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

Why is GDPR Necessary?

Many of the communities using Tightknit operate within the EU or have members there. Adhering to the GDPR allows us and our customers to meet these legal obligations without compromising privacy.

Our GDPR Compliance

Self-Assessment and Monitoring

GDPR is a law rather than a certification, so Tightknit self-assesses its compliance and monitors GDPR controls with industry-standard tooling.

Data Storage and Transfers

Customer data is hosted in the United States. Our Data Processing Addendum (DPA) includes Standard Contractual Clauses covering data transfers from the EU to the US.

Protecting Personal Data

Tightknit follows security best practices to safeguard personally identifiable information. See our DPA for details on our technical and organizational measures.

Processor Obligations

We have implemented the procedures required to comply with GDPR. Our DPA outlines our processor obligations and our Terms of Service and Privacy Policy incorporate these requirements.

GDPR Resources

GDPR Questionnaires

If you have a GDPR questionnaire, please contact us at [email protected]. Requests to modify our DPA or other legal documents require an Enterprise Plan.