GDPR Commitment

KudosCRM is committed to the EU and UK General Data Protection Regulation (GDPR). This page summarises how we support GDPR compliance for our customers and their users.

• Roles: for the CRM data you upload, you're the controller and we're your processor; for your account data, we're the controller. See our Privacy Policy and Data Processing Agreement.
• Lawful processing: we process personal data on appropriate legal bases (such as contract, legitimate interests, and consent).
• DPA available: customers can enter into our GDPR Article 28 Data Processing Agreement — request a signed copy at legal@kudoscrm.com.
• Sub-processor transparency: we publish our Sub-processors and give notice of changes.
• International transfers: we use appropriate safeguards, such as Standard Contractual Clauses, for transfers outside the EEA/UK.
• Breach notification: we notify affected customers of personal-data breaches without undue delay.
• Security: appropriate technical and organisational measures — see our Security overview.

Individuals can request access, rectification, erasure, restriction, portability, or object to processing. Email privacy@kudoscrm.com and we'll respond within the timeframes the law requires. You also have the right to complain to your local supervisory authority.

Data Protection Officer: dpo@kudoscrm.com · privacy@kudoscrm.com