GrapheneDB Blog

Updates from the GrapheneDB team

GDPR and GrapheneDB: Changes to Protect Your Data Privacy

We’re happy to announce that we’re ready for new General Data Protection Regulation (GDPR) law, which goes into effect on May 25, 2018.

GrapheneDB has always been committed to the data privacy of its customers. We firmly believe this is an essential piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union.

Our engineers have been working closely with our lawyers, and we want to share with you some of the actions that we’ve taken to be compliant with the law:

  • We’ve reviewed our data inventory to make sure we collect the minimum amount of personal data to run our business.
  • We’ve reviewed and updated our security standards and ensured they are applied and meet the GDPR requirements.
  • We’ve updated our privacy policy to provide more transparency surrounding our client’s personal data and to reflect our new requirements as data processor as well as your data protection rights.
  • We will obtain assurances that all third-party service providers will safeguard your personal data in accordance with this policy and the European privacy laws.
  • We’re offering a Data Processing Agreement (DPA), which enables our customers to comply with their GDPR obligations. Customers of GrapheneDB are free to request our standard DPA by reaching out to from the email address associated with your GrapheneDB account. Please note that our DPA has been tailored to the way GrapheneDB provides its service, and as a result, changes to DPA language are not available at this time.

At GrapheneDB we’re not only committed to complying with GDPR but also aware that you will need to comply if you’re a business in the EU. We offer the following tools to help you with that:

  • You can anytime modify, export or delete any record from the database using the available endpoints.
  • You can permanently delete the content of a database by using the “empty database” feature. We’re going to very soon release a soft-delete feature for providing a clear and transparent policy on permanent deletion of backups and datasets.
  • You can export complete datasets using the export database feature.
  • We offer a wide range of regions where you can host your data.
  • From our lowest free Sandbox plan, we offer strong security measures to protect the data in your databases, meeting the GDPR requirements. Additionally, on Performance and Enterprise databases, your data will be encrypted at rest, and you’ll be able to restrict the outbound traffic using Private Networks.

We hope this makes your use of GrapheneDB and the transition to GDPR much easier. Our customer support team will be happy to help you out with any GDPR or data security questions.

Juanjo and Alberto
Founders of GrapheneDB