Articles on: Security & Data Processing

How Conduit Complies with GDPR

What is GDPR?

The General Data Protection Regulation (GDPR) 2016/679 is one of the most powerful privacy protection laws, specifically enacted to protect European Union (EU) citizens’ data. GDPR essentially empowers EU citizens with control over their personal data.

Importantly, the GDPR applies to any company or person that processes or stores information about people who live in the European Union. In other words, your company does not need to be located in the EU to be subject to GDPR. It applies if you store data about any natural person in the EU.
The GDPR distinguishes between data 'controllers' and 'processors'. With respect to data about EU citizens, if your product or service captures and stores that data then you are likely the 'controller' of that data. You may also use other services — such as Conduit — to further process and store that data. In such a case, Conduit would be a 'processor' of that data.

As a controller of data, you are responsible for ensuring that processors of your data also meet requirements for GDPR and that those requirements are contractually obligated. Generally, this is accomplished with a data processing addendum or agreement.

Is Conduit GDPR compliant?

Yes, all products and services of Conduit are GDPR compliant.

How can I request user data to be deleted?

Our Data Protection, Security and Compliance teams work tirelessly to ensure your data is protected to the highest standard, and so we comply with privacy laws such as GDPR.

You can request the data deletion via the chat widget. Or, alternatively, you can email us at

For all other GDPR requests not related to deletion, please email us at

Updated on: 08/03/2024

Was this article helpful?

Share your feedback


Thank you!