EU General Data Protection Regulation (GDPR) at Ledgy. Last refreshed August 2022.
EU General Data Protection Regulation (GDPR) is an important step to strengthen data privacy rights to harmonize data privacy laws across Europe. The regulation was approved by the EU Parliament in April 2016 and came into effect on May 25, 2018. GDPR affects companies processing or controlling personal data of data subjects located in the EU.
Personal data consists of any information that allows identifying a person directly or indirectly. This could be such things as a name, an email address, bank details, an IP address or a social media post.
We understand how sensitive equity information is for any business. That’s why your privacy and your data’s security is crucial to us. We comply with the applicable data protection laws, including in particular the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR).
In the context of the GDPR, we have improved and incorporated various areas affected by the regulation, such as the legal basis for data processing, rights of data subjects, obligations of controllers and processors, privacy notice, response to security aspects, data breaches, privacy and data protection by design, data protection impact assessments, and data transfer mechanisms.
Update August 2022: We are pleased to confirm that Ledgy is SOC2 Type 1 certified. The certification is a confirmation of Ledgy's robust information security and organizational processes. While SOC2 is not directly connected to GDPR compliance, we are happy to share a copy of our SOC2 audit with customers or potential customers interested in Ledgy's security posture.
If you have any inquiries or requests, please don’t hesitate to contact us at firstname.lastname@example.org.
Read our Data Processing Addendum.