👋
We'll be at SaaStr, Sep. 27-29. Come meet the team at booth 415!
Read More >

General Data Protection Regulation

Date: Sep 15, 2021
As a global application service provider, in accordance with our information security and data privacy practices as Data Processor, Vanta complies with all applicable data privacy regulations. We are providing the following information in order for users and customers to understand our compliance posture.

Questions and comments can be sent to: privacy@vanta.com
Control
Description

Individual Responsible for GDPR Compliance

Matt Cooper, Principal, Cybersecurity & Data Privacy

Purpose of Processing

Continuous security and compliance monitoring and audit readiness platform which includes security awareness education and compliance workflow management.

Notice regarding the collection and use of Personally Identifiable Information (PII) can be found here: www.vanta.com/privacy

Lawful Basis for Collection & Processing

All PII collected and processed within Vanta is in accordance with a Master Services Agreement between Vanta and the Data Controller

Data Subject Access Requests (DSAR)

Requests for data access, modification or deletion may be sent to privacy@vanta.com

Data Retention

Customer Data, including PII, is securely deleted from Vanta systems within ninety (90) days of service termination or upon customer request.

Vanta-controlled PII is deleted in accordance with internal policy, when it no longer has business value, or upon Data Subject request

Data Protection & Information Security

Vanta maintains a comprehensive information security management system to protect and preserve the confidentiality, integrity and availability of Customer Data, which is audited annually by a qualified third party assessor.
Our Data Security Statement can be found here: https://www.vanta.com/security

Our current SOC 2 Type II Report is available upon request.

Breach Notification

Any breach of PII will be promptly reported to Customers, Data Subjects and Data Authorities in accordance with our Incident Response Policy and all applicable regulatory requirements.

Vanta automates compliance starting with SOC 2
Please enter your first name
Please enter your last name
Please enter a valid email address
Please enter a job title
Please enter your company name
Please enter your company website
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.