General Data Protection Regulation (GDPR)
ChargeOver is classified by the GDPR as a data processor. As a customer/merchant utilizing ChargeOver, generally you (the merchant/our customer) are classified as the data controller.
As a data controller, you are subject for meeting the data controller requirements set forth in the GDPR.
ChargeOver Compliance with GDPR Requirements
- ChargeOver internally monitors a list of GDPR-required lawful-basis reasons for collecting data
- ChargeOver will take necessary steps to keep personal data safe, secure, and private
- ChargeOver will disclose all sub-processors and data partners
- ChargeOver keeps compliance records and audit logs
- ChargeOver will notify you in the event of a data breach
- ChargeOver will notify you if our sub-processors change
- ChargeOver provides a process for right-to-access and right-to-erasure requests
Data Processing Addendum
ChargeOver maintains a GDPR-compliant Data Processing Addendum. You can find our DPA here:
ChargeOver maintains a list of sub-processors here:
You can optionally connect ChargeOver to the following services. Data is not shared with these partners unless you connect one of their integrations to your ChargeOver account.
Please note this list is subject to change and may not be complete. As the data controller, you are responsible for detailing GDPR compliance for any external service or integration you connect to ChargeOver.
ChargeOver maintains a list of integration partners.