Is Sprintlaw Signatures GDPR compliant?
Yes, Sprintlaw Signatures is fully compliant with the General Data Protection Regulation (GDPR), UK GDPR, and the Australian Privacy Act. We process personal data, including signatures, in accordance with these regulations’ strict standards for data privacy and security.
Here’s how Sprintlaw ensures compliance:
Data Processor Role
Sprintlaw acts as a data processor, meaning we process personal data on behalf of our customers (the data controllers) in line with their instructions. For more details, please refer to our Data Processing Addendum.
Sub-Processor (Annature)
Sprintlaw Signatures is powered by Annature Pty Ltd, which acts as a sub-processor. Personal data processed through Sprintlaw Signatures is securely hosted on Amazon Web Services (AWS) servers located primarily in Australia. We ensure that international data transfers comply with both GDPR and the Australian Privacy Act through the use of the UK International Data Transfer Agreement (IDTA).
Security Measures by Annature
Annature is responsible for implementing industry-standard encryption, pseudonymisation, and access controls to protect your data. These measures help ensure that your data is secure both in transit and at rest, adhering to the security requirements of GDPR, UK GDPR, and the Australian Privacy Act.
Data Subject Rights
If you or your clients need to access, rectify, or delete any personal data processed via Sprintlaw Signatures, we provide the necessary capabilities to do so in compliance with GDPR, UK GDPR, and the Australian Privacy Act. For assistance, please contact our team through the provided contact information.
For comprehensive information, please review our Australian Privacy Policy, our UK Privacy Policy and our Data Processing Addendum.