At Lootbear, we worked hard to prepare for EU General Data Protection Regulation (GDPR), to ensure that we fulfill its obligations and maintain transparency about customer messaging and how we use data.

Here’s an overview of GDPR, and how we prepared for it at Lootbear:

What’s GDPR?
​
The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of “personal data” and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.

Does it affect me?
​
Yes, most likely. If you hold or process the data of an any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.

How Lootbear prepared for GDPR
​
Our teams worked hard to ensure we complied with GDPR. This was a massive overhaul of processes and data models to make sure we met our legal obligations, and did the best thing for our customers while still letting us move fast, scale and build great products.
​
​We took new security measures
​
Security is a priority for us. We have regular external audits and bug bounties where relevant. We’ve built a robust security framework, achieving International Compliance standards and reviewed our internal access design to ensure the right people have access to the right level of customer data. 

​We coordinated with our vendors

We’ve reviewed all our vendors, finding out about their GDPR position and signed Data Processing Agreements with them.

We built new features

You can easily export all of your data linked to an individual and permanently delete all data linked to an individual user upon request.