As part of your evaluation of Cobrowse, you may wish to know more about our data protection polices.
Data protection and applicable laws
Our company operates an Information Security Management System (ISMS) which includes various policies regarding the processing and protection of customer data and other confidential information. These policies comply with applicable data protection regulations and laws, including the GDPR and CCPA, and Cobrowse.io and its policies are ISO27001 and SOC2 certified.
For customers in the European Economic Area who would like the data processing and storage from using the software to remain within the EEA we provide the option of using our service on the EU-dedicated public cloud.
If you have a compliance requirement to restrict the processing and storage to the USA we also offer an US-only hosting option in our public cloud.
If you prefer to keep your data and any processing within your existing infrastructure you can use our range of self-hosted deployments. This means that all traffic is routed through your data center/cloud and removes Cobrowse from being a necessary Data Processor.
Data Processing Agreements (DPAs)
For enterprise customers, we execute our enterprise-level Data Processing Agreement as part of our Enterprise Software License Agreement.
Cobrowse has previously been registered with the U.S. Privacy Shield, but no longer renews its certification following the decision by the Court of Justice of the European Union to reject the adequacy of the protection provided under the EU-US and Switzerland-US Privacy Shield framework. Instead, Cobrowse adopts the European Commission's approved Standard Contractual Clauses ("SCCs"), or other lawful alternative transfer mechanism as approved from time-to-time (e.g. the EU-US Data Privacy Framework).
For full information, including more information about the situations in which such data transfer applies, please see our Data Processing Agreement ("DPA").
Email us any time at email@example.com.