Skip to main content


What is GDPR?

The General Data Protection Regulation (GDPR) is legislation that updated and unified data privacy laws across the European Union (EU). GDPR was approved by the European Parliament on April 14, 2016, and went into effect on May 25, 2018.

What is the Purpose of GDPR?

The purpose of the GDPR is to protect individuals and the data that describes them and to ensure the organisations that collect that data do so responsibly.

What Data Does GDPR Protect?

Users must consent to any company or organisation that wishes to collect and use personal data. The GDPR defines personal data as information that relates to "an identified or identifiable natural person" -- referred to as a "data subject."

Personal data can include these types of information:

  • Name
  • Identification number
  • Location data
  • Any information specific to "the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person."
  • Biometric data that is acquired through some form of technical processes, such as facial imaging or fingerprinting
  • Information related to a person's health or healthcare
  • Racial or ethnic information of an individual
  • Political opinions or religious beliefs
  • Union membership

Who is Subject to GDPR Compliance?

All organisations that collect the personal data of any citizen of an EU member state must comply with the GDPR. That includes organisations outside the Union -- they still must comply with the GDPR if they're collecting a member state citizen's data.

The GDPR defines three different roles related to personal data: 1- Data Subject: Owner of personal data. 2- Data controller: The individual or organisation determines what personal data to collect and how it will be used. 3- Data processors: The individual or organisation processing personal data for the controller.

FowCRM as a Data Processor

The people you store in FowCRM as contacts are your data subjects, and you are considered the data controller for this personal data.

Using FowCRM to manage your customers means that you have selected FowCRM as a data processor to carry out specific processing activities on your behalf. According to article 28 of the GDPR, the relation between the controller and the processor should be written. In this case, our Terms of Service and Privacy Policy document comes in. Once you accept these terms in the document, it will serve as your data processing agreement that sets out the instructions, rights, and responsibilities you give to FowCRM regarding processing personal data that you control.

What does FowCRM do for GDPR?

FowCRM has a structure that can quickly fulfil the requirements of the EU General Data Protection Regulation on businesses.

We care about the privacy needs of FowCRM users and customers. Therefore, we have implemented and will continue to improve technical and organisational measures in line with GDPR to protect personal data processed by FowCRM.

Internal Processes, Security and Data Transfers

We have reviewed our internal processes and operations to ensure we are mapping and auditing the data circulating in our systems. In addition, we implement functionality across our main customer-centric systems to comply with privacy policies. Any access to Customer Data is gained only with the permission of our customers.

Our internal procedures and logs ensure that we meet GDPR obligation requirements.

We have created our own business processes to engage third-party service providers and ensure that these third parties meet the high expectations of FowCRM and its customers regarding privacy and security.

Ability to Action Subject Access Requests

The right of data subjects to control their data is at the heart of the GDPR. Therefore, we have all the requirements to respond to data subject requests to delete, modify or transfer data.

So our customer support specialists and the engineers who help them are ready to help you with any issues related to your personal data.


Our Terms of Use and Privacy Policy are updated regularly to ensure we build upon the hard work we've always done on this subject. As these documents set out the basis of our relationship with you, we strive to openly and clearly explain your rights in these documents.

Training and Awareness

The FowCRM Team is instructed about GDPR and handling/processing personal data. Thus, each FowCRM Team Member is aware of the policies regarding compliance with GDPR and other privacy-related issues. We include this training in our new team member requirements and regularly schedule refresher checks.


The information on this page is for informational purposes only and should not be considered official or legal advice. We recommend contacting your legal counsel for specific details on GDPR and its implications for your business.

This page gives an overview of the roles described by the GDPR, the responsibilities of each party, and the efforts we're putting in to support these.