GDPR Policy

Counterpart GDPR Centre

The General Data Protection Regulation (GDPR) governs the processing of people’s personal data in the European Union. Counterpart’s policy is to comply with all applicable local laws regarding our business and the related use of personal data. Counterpart applies Data Stewardship Principles which are guided by the belief that the data entrusted to us belongs to our customers and their users.

Frequently Asked Questions

What do I need to do to be GDPR compliant?

Every business is unique, and your GDPR compliance obligations will depend on many factors, including how you choose to collect, use, and share data about your employees and customers. You need to do an evaluation based upon your unique circumstances. To provide you with confidence that we are the right partner for you, we recommend you review the following: Counterpart Website Privacy Policy.

Is Counterpart a controller or a processor?

Counterpart acts as an independent controller of the personal information placed in our products and services. The GDPR distinguishes between the roles of a ‘controller’ and a ‘processor’ – each having different compliance roles and responsibilities. The GDPR defines a controller as an entity that determines the “purposes and means” of the data processing – or, in layman’s terms, “how and why” data is processed. A processor, on the other hand, is defined as the entity that “processes personal data on behalf of the controller”.

Where is my data located when I use your services?

Our main data storage locations are in the UK and Canada. However, as a global company, data is accessed from various locations by our global team and our trusted partners.

The GDPR does not preclude EU personal data being stored (or otherwise processed) in the other countries, as long as there is a data transfer mechanism in place approved by the European Commission. When it comes to our trusted service providers, our practice is to put contractual terms in place to ensure they follow our instructions and have appropriate security in place to protect the personal data we trust them with.

Do you have an appointed Data Protection Officer?

Yes, we have a dedicated ‘data protection officer’, as well as privacy and security professionals who provide ongoing assistance in ensuring the highest degree of protection and compliance:

Manage Your Counterpart Data

Control Use of Personal Data

You can ask us to stop using your personal data.

Delete Your Personal Data

You can ask us to delete your personal data.

Cookies and Tracking

To see how we use cookies on our website, visit our Cookies page.