Bucket Privacy Regulation Compliance

Updated on January 23, 2024. All policies.
The data privacy regulatory landscape is undergoing a lot of change. You probably have heard about the EU General Data Protection Regulation (GDPR) that went into effect on May 25, 2018. There are also other regulations in effect or in the works around the world. We’ve written up this reference document to put helpful information regarding our products and privacy regulations in one place. Please also view our full Privacy Policy.

If you have any questions, comments, or concerns about our policies, your data, or your rights with respect to your information, please email us at hello@bucket.co.

EU General Data Protection Regulation (GDPR) #

Bucket is compliant with the EU General Data Protection Regulation (GDPR) that went into effect on May 25, 2018.

Applicable law #

Bucket ApS is located in Denmark.

Does GDPR affect me? #

If you’re based in the EU or do business in the EU, yes! If you have any EU personal data in your Bucket account, such as names, email addresses, ID numbers, or anything personally identifiable, then GDPR applies. However, per default configuration, Bucket does not capture any personal identifiable information.

If you choose to send PII data to Bucket, you are the Controller of personal data under GDPR and therefore need to enter into a GDPR-compliant Data Processing Agreement (DPA) with Bucket.

Data Processing Agreement #

Processing EU personal data must be governed by a GDPR-compliant contract. We provide a standard Data Processing Agreement (DPA) to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed. We have incorporated our DPA into our Terms of Service. You can find the DPA below. This addendum is in effect when the GDPR applies to your use of Bucket's services to process Customer Data as defined in the DPA. The DPA includes the European Commission’s Standard Contractual Clauses to extend GDPR privacy principles, rights, and obligations.

To execute the DPA

Subprocessors #

Bucket uses third party subprocessors, such as cloud computing providers and customer support software, to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, and require the same of them. List of Bucket subprocessors.

This policy have been adapted from the Basecamp open-source policies.