Data protection is very important to us. Below you will find answers to the most frequently asked questions in this regard.

Your data is safe at all times. We secure all connections with a 256-bit encryption. Your data is stored on highly secure servers.

Yes, Heyflow is fully GDPR-compliant. All data is hosted and processed exclusively in Europe. We trust Google Cloud Platform, one of the most secure cloud computing environments in the world. Find more information here.

A data processing agreement (DPA) is a contractual agreement between the processor (Heyflow GmbH) and the controller (i.e. you as the data controller).

By providing a DPA, we assure you that we will implement appropriate technical and organizational measures (TOM) to ensure that the storage and processing of personal data is performed in conformity with the provisions of the General Data Protection Regulation (GDPR).

So that you can continue to comply with the provisions of the GDPR, we encourage you to conclude a data processing agreement with us as your data processor.

Once signed, send it back to [email protected] or in the chat, as only then will it become legally binding.

Heyflow has outsourced data protection responsibilities to Proliance GmbH. As a specialized service provider, Proliance GmbH ensures that our company remains consistently up-to-date with the latest data protection laws and regulations.

Yes, since 2022 Heyflow's information management system and processes are certified in accordance with ISO 27001 and are audited independently on an ongoing basis. If you have any questions about the Statement of Applicability and the implemented controls, we will be happy to provide further details.