Data and GDPR at Sirv
Privacy and security have always been two of the foundations of Sirv’s approach to product development and day-to-day operations. We continuously evaluate all our practices in an effort to safeguard your information as effectively as possible.
What is GDPR?
The General Data Protection Regulation (GDPR) gives European citizens more power to control their data. Companies that process the personal data of European citizens must comply with the GDPR regulations.
GDPR outlines specific requirements that these companies must satisfy, as well as specific rights that European citizens can exercise with these companies. Further information on GDPR is available on the European Union’s official website: https://ec.europa.eu/info/law/law-topic/data-protection_en.
Data processing agreement
Sirv does not process personal data by default. The IP addresses of visitors that request your files are temporarily stored in HTTP server logs, which we use to provide aggregated analytics on the usage patterns of your files. The logs and IPs are not shared with anyone (including the Sirv account holder) and Sirv does not hold personally identifiable information to match against those IPs. Neither does Sirv place cookies in your users browsers, so you do not need to obtain a Data Processing Agreement (DPA) from us.
However, if you upload images or files to Sirv that contain personally identifiable information – such as medical records, statements, invoices or images that contain names or addresses – you can request a DPA from us.
Features to support GDPR requirements
Sirv can help you meet your data portability requirements for GDPR. You can easily export data from your account via the download options, permanently delete data through the Sirv web app or completely close your account and delete your files via your Settings page.
Data Protection Officer
Sirv has a Data Protection Officer who you can contact at firstname.lastname@example.org.
If you have further questions, please contact email@example.com.