Ledgy and GDPR

EU General Data Protection Regulation (GDPR) at Ledgy. Last refreshed August 2022.

EU General Data Protection Regulation (GDPR) is an important step to strengthen data privacy rights to harmonize data privacy laws across Europe. The regulation was approved by the EU Parliament in April 2016 and came into effect on May 25, 2018. GDPR affects companies processing or controlling personal data of data subjects located in the EU.

What is personal data?

Personal data consists of any information that allows identifying a person directly or indirectly. This could be such things as a name, an email address, bank details, an IP address or a social media post.

  • Art. 4 GDPR: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. [Source]

Ledgy is GDPR compliant

We understand how sensitive equity information is for any business. That’s why your privacy and your data’s security is crucial to us. We comply with the applicable data protection laws, including in particular the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR).

In the context of the GDPR, we have improved and incorporated various areas affected by the regulation, such as the legal basis for data processing, rights of data subjects, obligations of controllers and processors, privacy notice, response to security aspects, data breaches, privacy and data protection by design, data protection impact assessments, and data transfer mechanisms.

Update August 2022: We are pleased to confirm that Ledgy is SOC2 Type 1 certified. The certification is a confirmation of Ledgy's robust information security and organizational processes. While SOC2 is not directly connected to GDPR compliance, we are happy to share a copy of our SOC2 audit with customers or potential customers interested in Ledgy's security posture.

We are here for you

If you have any inquiries or requests, please don’t hesitate to contact us at contact@ledgy.com.

Read our Data Processing Addendum.

What next?


03 Apr 2019