Links

Data Processing Agreement (GDPR)

Are you a Rocket.Chat customer and looking for a GDPR-compliant Data Processing Agreement (DPA)?
It is pre-signed and only needs to be signed from your end for your compliance purposes. It contains EU standard contract clauses as a data transfer mechanism for data controllers subject to EU law. Keep in mind that our privacy policy is already part of any customer agreement and therefore already is deemed sufficient by most jurisdictions as a "contractual agreement" to prescribe our processing of personal data.
The DPA covers our hosted offering. The DPA can also cover cases of customers, that run a self-managed instance of Rocket.Chat, but connect to Rocket.Chat services such as the push notification gateway or the marketplace. For this, you generally need to register your server. In these cases, personal data is processed by us to provide you with these services, and you might be required by the applicable laws to have a DPA in place. Our DPA is flexible enough to cover these cases as well.
Info: The DPA is not valid for individual Rocket.Chat users (individual persons). For them, only the privacy policy of their Rocket.Chat workspace (provided by the data controller) applies. This DPA also does not cover the processing of third-party apps from our marketplace (beyond us providing the capability to consume such apps), and in case of multiple DPAs being submitted, only the most recent version applies.
How does it work?
  1. 1.
    Click the link to request your copy. Enter your email-address and you will receive an authentication code to your email.
  2. 2.
    Enter your authentication code and accept the ZOHO Sign Terms and Conditions for Electronic Signature.
  3. 3.
    Fill out the remaining fields, such as company name and address. Check optional fields and enter additional information into the text boxes. Keep in mind that excluding certain types of personal data but effectively entering them into our services does not preclude us from processing such data. You can forward the document to be signed by someone else, by using the function within ZOHO Sign.
  4. 4.
    Once all mandatory fields are filled out, click "finish".
  5. 5.
    Choose your delivery method (download a copy or send via email). A copy of the DPA with your signature will be mailed to us automatically.
What information is covered in the Data Processing Agreement (DPA), and how does it ensure GDPR compliance and data security
The DPA encapsulates Standard Contractual Clauses (SCC) issued by the EU, ensuring that our data processing activities adhere to the GDPR privacy standards.
Within the DPA, you'll gain insight into the technical and organizational security measures (TOM) implemented by Rocket.Chat.
These measures are designed to safeguard data and uphold the principles of confidentiality, integrity, and availability as required by the EU.
For further details, please refer to the Data Processing Agreement provided in this section.
For questions, contact [email protected]
Rocket.Chat versions receive support for six months after release.