Skip to main content
All CollectionsLegal & security
GDPR Commitment
GDPR Commitment

Initiatives and policies Twine has implemented to comply with GDPR.

Brian Swift avatar
Written by Brian Swift
Updated over a month ago

Our Commitment to Privacy and Security

At Twine, we understand that security and privacy are fundamental to our mission of connecting knowledge across organizations. As a company that processes customer conversations and business data, we treat GDPR compliance and data protection with the utmost importance. Our commitment goes beyond mere compliance—it's built into the very foundation of how we design and deliver our services.

Data Processing Agreements (DPA)

We make it simple to establish the necessary legal framework for GDPR compliance. To receive our Data Processing Agreement:

  1. Send an email to legal@twine.so

  2. Include "DPA Request" in the subject line

  3. We will promptly respond with our DPA for review and signature

Our DPA outlines the obligations and responsibilities of both parties under GDPR, ensuring full compliance with data protection requirements.

Transparency in data processing

We believe in complete transparency regarding our data processing operations. You can find a comprehensive list of our subprocessors in our Trust Center. We carefully select our subprocessors based on their security standards and GDPR compliance, and we maintain up-to-date documentation of all data processing relationships.

Data Subject Rights

We fully support the rights of data subjects under GDPR. Our detailed process for handling Data Subject Access Requests (DSARs) ensures individuals can exercise their rights effectively and efficiently. For complete information about submitting and processing DSARs, please see our Data Subject Access Rights article.

Security best practices

Our commitment to security is demonstrated through comprehensive measures and certifications:

Security certifications

  • SOC 2 Type II certified

  • ISO compliance in progress

  • Regular third-party security audits

  • Commitment to GDPR requirements, as outlined in this page

Data protection measures

  • End-to-end encryption using AES 256 for data at rest

  • TLS 1.2 encryption for data in transit

  • Strict policy against using customer data for AI training

AI Governance

  • Secure processing through SSL-encrypted channels

  • Zero data retention policy for AI processing

  • SOC 2 Type II compliant AI sub-processors

  • Strict isolation of data between customers

Keeping you updated

We continuously review and enhance our security and privacy practices. For the most current information about our security measures and compliance status, visit our Trust Center.

If you have any questions about our GDPR compliance, security measures, or data protection practices, please contact us at legal@twine.so.

Related Articles
Privacy Policy
Data Subject Access Rights
Did this answer your question?