Our GDPR Commitment

What is GDPR?

The GDPR (or EU General Data Protection Regulation) is an EU-wide privacy and data protection law that gives individuals more control over their personal data. It is the most significant piece of European privacy legislation in the last twenty years, replacing the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.

The GDPR is relevant to any company, not just EU-based businesses and EU residents. Our customers’ data is equally important no matter where they are located, so we implement GDPR controls as our baseline standard for all our operations, worldwide.

How we’ve handled it?

We care about protecting all of the data that flows through our products and services, especially users and residents’ data. We have designed our systems from the bottom up with privacy in mind and have taken every step to comply with the General Data Protection Regulation (GDPR) 2018 and UK Data Protection Act 1998, including Data Protection Impact Assessments (DPIA) for all relevant projects, assigning a Data Protection Officer (DPO), registering with the UK Information Commissioner’s Office (ICO), implementing exceptional security standards and more.

Where do we store your data?

All personal data is stored on the cloud in secure environments. We use Google Cloud Platform which allows us to implement AES 128/256 encryption at-rest, by default. We store all personal data within the EU.

Where can I learn more?

We have published some important updates to our Website Privacy PolicyProduct Privacy Policy and Cookie Policy, which are effective May 24, 2018. The changes reflect the increased transparency requirements of the GDPR.

As we always have been, Ally Labs Limited is committed to protecting your privacy. That’s something that will never change. These statements are just enhancements which clarify and provide additional information about:

  • Your privacy rights and how to exercise them;
  • How we collect, use, share and protect your personal data;
  • The legal bases we rely on to process your personal data; and
  • How we operate in our capacity as a data processor acting on your behalf.

We’ll continue to actively monitor regulatory guidance and interpretations of key GDPR requirements to make sure we’re well informed and doing the right things in the right way.

If you have any questions, please don’t hesitate to reach out to our support team at [email protected].