The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
Data Processing Agreement
As Bitrix24 has many clients in the European Union, we follow GDPR compliance rules and maintain GDRP section on our website. Your Data Processing Agreement is accepted by you as a part of our main terms of service.
- Click on the toggles icon in the top left corner.
Select Settings in the widget.
Open the GDPR compliance tab and provide the obligatory information.
Data hosting inside and outside the EU
GDPR allows the processing of personal data outside the EEA area when the appropriate safeguards specified in Articles 45-49 GDPR are met. However, we recommend that our European clients use Bitrix24.eu, Bitrix24.de, Bitrix24.pl, Bitrix.it, or Bitrix24.fr accounts just to be on the safe side. These accounts are hosted in AWS data centers in Frankfurt, Germany, which are fully GDPR compliant. Bitrix24.com, Bitrix24.es, and Bitrix24.com.br data are stored in the United States. The personal data processing of customers from Spain and Portugal is protected under the EU-US Privacy Shield framework. You can find further information in our Data Processing Agreement.
GDPR compliance for your employees and CRM records
If you have employees or clients from the European Union, they have certain rights under GDPR. To use Bitrix24 CRM forms and live chat widget, you need to activate the consent option for personal data processing. If needed, contact a local Bitrix24 partner for assistance. Your employees or customers can ask you to provide a copy of all the personal data you’ve collected on them in your Bitrix24 account. They can also ask you to delete or anonymize their personal data. If you receive such inquiries, you can use these apps from our Market to execute these requests automatically.