Adalo & GDPR Compliance

Legal disclaimer:

The following is meant to be a very general overview of how Adalo app’s can be compliant with GDPR. We recommend that you consult with legal professionals to determine the best strategy for your specific situation.

What is GDPR?

GDPR is a set of data protection and privacy requirements by the EU that may apply to your app if you have users in the European Economic Area.

Is Adalo GDPR Compliant?

Yes, as a Data Processor, Adalo is compliant with the regulations and requirements of GDPR. The Adalo Terms of Use contain several clauses outlining the many steps Adalo takes to comply with GDPR in order to keep your users’ data safe as well as the now commonly used legal mechanism of “Standard Contractual Clauses” for data transfer outside the EEA.

However, as the app maker, you have additional obligations you need to fulfill.

What’s my role under GDPR?

Under GDPR, you, the app maker are considered the Data Controller, and Adalo is considered a Data Processor, and services used by Adalo such as AWS are considered sub-processors.

What do I need to do as a Data Controller?

As a Data Controller you have a number of obligations under GDPR, including…

  • Asking for your users’ consent to process their data before they use your app.
    • You can fulfill this obligation by building a required consent checkbox into your signup form.
  • Fulfilling your users’ request to share, delete, export, or change the data you hold about them.
    • You can fulfill these requests using the database tab in the Adalo editor.
  • Ensuring that your Data Processor (Adalo) is compliant with GDPR.
    • Adalo is compliant with GDPR

Can you specify where you want your data stored I.e. on eu based severs, typically Germany

Not at this time! We hope to have this available at some point in the future.

1 Like