We've collected all the privacy and GDPR related documents that Gumroad is providing. Access the privacy information of a hundred more vendors and monitor them on autopilot with PrivacyBoard's GDPR compliance platform.
What's a Data Processing Agreement (DPA)?
A Data Processing Agreement, or DPA, is a contract that must be concluded between an organization that provides data and the organization that receives this data to perform a service (hosting, email delivery, video conferencing, payment and billing, data analysis, etc.). It is a requirements set forth by Article 28 of the GDPR. The contract must stipulate that the processor shall act only on instructions from the controller, provide technical security and organizational measures governing the processing and ensure compliance.
What's are Standard Contractual Clauses (SCC)?
Standard Contractual Clauses, or SCC, are standardized clauses between an organization that sends data and the organization that receives this data outside the European Union EU/EEE and in a country which isn’t considered as offering an adequate level of data protection. The European Commission has so far recognized Andorra, Argentina, Canada, Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Republic of Korea, Switzerland, the United Kingdom and Uruguay as countries providing adequate protection.
They are legal tools enacted by the European Commission, therefore they can be incorporated into any transfer contract, to facilitate both the duty of exporters and importers.
Become GDPR compliant in minutes!
Privacyboard helps you comply with GDPR easily so you can focus on what's really important for your business.