GDPR Compliance

The General Data Protection Regulation (GDPR) is an EU regulation that governs how businesses collect, store and process EU citizens’ personal data. Patri is committed to ensuring individual privacy and is GDPR-compliant in our collection, storage, and processing of personal data for all parties globally. Relevant security and privacy measures are outlined below.

Consent and Processing

Patri does not store or process personal data without the consent of the data subject and/or the written consent of our clients in accordance with legitimate interest allowances. Patri only processes data as directed by clients and in accordance with our privacy policy and GDPR guidelines. Patri does not sell, share, or rent personal data to third-parties, but may utilize relevant and compliant subprocessors.

Privacy Policy

Security Assessment

Patri maintains technical and organizational security measures that ensure the safeguarding of personal data against accidental or unlawful access, modification, and destruction. Patri stores and processes personal data using ISO 27001 and SOC 2 certified infrastructure. Our security whitepaper outlines the details of our technical, physical, and organizational security measures.

Security Whitepaper

Rectification and Erasure

Patri honors the fundamental rights of data subjects in accordance with GDPR guidelines including the rights of data rectification and erasure (the right to be forgotten). Patri promptly honors data subject and/or client requests to modify or erase personal data. Clients may request, at any time, that data being stored and processed on their behalf by Patri be permanently deleted from all systems and backups. Use the link below to submit a request.

Submit Request