As it was already compliant with the GDPR for the past 2 years. 🙌

In the past weeks and specially the last few days you were probably bombarded with emails from your service providers about change of Terms of Service or Privacy Policy to be compliant with GDPR. Among these emails you will not find an email from Redash. This is for the simple reason that we didn’t have to change our Privacy Policy or Terms of Service.

(Well, actually we did do a small update to the Privacy Policy, updating the list of services we share data with — we forgot to add there Stripe and Intercom)

When our Terms of Service and Privacy Policy were originally written, Adv. Jonathan Klinger had the foresight to write them in a way that will be compatible with the upcoming GDPR. Besides that, we were always committed to using your information respectfully and for the purpose you shared it with us.

Having said that, as any good practice turned into regulation, GDPR does introduce a few new challenges in making sure we’re compliant beyond just being a good player and not abusing data. We used this opportunity to step up our game on privacy and security.

DPA

If you use hosted Redash (app.redash.io) to process Personal Data, you should sign a DPA with us (you can sign in regardless, actually). For more details about this, please contact support.

If you’re using the open source version of Redash, no DPA is needed, as the data is hosted with you.

Questions? Concerns? We’re here to help, just ask here or via regular support channels.