Workato takes the privacy of our customers, partners and their end-users seriously. We know that user data is important to our values and operations. That is why we are taking measures to support our customers and partners’ compliance with EU data protection requirements, including those set forth in the General Data Protection Regulation (“GDPR”), effective May 25, 2018 .
For more information, we encourage our customers to read through the resources provided below.
What is GDPR?
The General Data Protection Regulation (“GDPR”) is a new European privacy law that is set to replace the current EU Data Protection Directive (“Directive 95/46/EC”). The GDPR is intended to strengthen the security and protection of personal data in the EU.
To whom does the GDPR apply?
The GDPR applies to all organizations operating in the EU and processing “personal identifiable data” of EU residents. Personal data is any information relating to an identified or identifiable natural person.
Is Workato a controller or processor?
Workato is a processor with regard to the personal data that Workato processes on the Workato platform on behalf of its customers (the controller).
Workato is a controller with regard to the personal data that it collects and for which it determines the purposes for which and the manner in which the personal data is to be processed.
We have a dedicated team working on GDPR compliance to implement appropriate measures by May 25th, 2018.
What data does Workato collect through its platform service?
Do you involve processors to process user data?
Workato maintains an up-to-date list of the names and locations of all processors used for hosting or other processing of Service data. We are ensuring Data Processing Agreements (DPAs) are in place with all involved processors. You can also review the list of Sub-Processors used by Workato.