GDPR Policy

Last Updated: Oct. 2023


This section is intended to assist Dataleap customers and users in understanding, and where applicable, complying with the General Data Protection Regulation (GDPR), which is a landmark legislation for data privacy in Europe. The GDPR came into effect on May 25, 2018, with the aim to empower European Union (EU) citizens with more control over their personal data, and to harmonize various privacy and security laws under one comprehensive legislation.

At Dataleap, we are deeply committed to information security and data privacy. These principles are fundamental to our operations, and we recognize the significance of compliance with regulations to fortify information security and data privacy for EU citizens.

Data Processing Agreement – We support the EU’s Standard Contractual Clauses through a Data Processing Agreement you can sign and return to us.

Data Sub-Processors – We list all of our third-party Data Sub-Processors and share information on what we use them for and where they are located.

EU data storage – Data is processed and stored exclusively in data centers within the European Union. Dataleap relies on Microsoft Azure and Hetzner to host its infrastructure. These data centers are ISO / IEC 27001 certified and thus meet our high requirements for the physical security of our customers' data.

Security - Our application is built on world-class, modern cloud infrastructure designed to ensure the safety of your data. We have carefully chosen proven third-party cloud providers that have a great security track record, and we employ best practices including regular backups, data encryption, sanitized logging, and common attack prevention.

List of sub-processors

Infrastructure Subprocessors

Microsoft Azure
  • Entity: Microsoft Ireland Operations, Ltd., One Microsoft Place, Dublin 18, Ireland

  • Used for: Data Processing

  • Server Location: Netherlands

  • Entity: Hetzner Online GmbH - Industriestr. 25, 91710 Gunzenhausen, Germany

  • Used for: Infrastructure hosting, data processing, data storage

  • Server Location: Finland

  • Entity: Supabase, Inc., a company registered in Delaware with number 7816270 whose registered office is at 970 Toa Payoh North #07-04, Singapore 318992

  • Used for: Data storage

  • Server Location: Germany