Skip to main content
All CollectionsSecurity
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)

We use encryption, comply with GDPR, and ensure data is accessible only to authorized personnel.

Updated over a week ago

When you use Doodle, you send pieces of data to Doodle; this can be a name, an e-mail address, or information relating to your appointment. Other data is generated implicitly by your use of Doodle, e.g. log data.

We use this information for internal analytical purposes to improve the product for you. Furthermore we employ other companies to perform tasks on our behalf and may need to share this information with them to provide services to you. We do not sell your data to third parties.

At rest Doodle data is encrypted and backed up.

Data in transit is encrypted with SSL, and we do not have any unencrypted endpoints anywhere.

Our entire infrastructure is located at Amazon and the data is only accessible within the cluster at Amazon: https://aws.amazon.com/compliance/iso-27001-faqs

Log data will not be deleted. Outdated polls are automatically deleted after 90 days of inactivity. This includes invitees data.

Only authorized support employees and the engineering team have access to the data stored in the database for troubleshooting. For further information, please refer to our privacy policy.

Since May 25th 2018, in compliance with the GDPR legislation, users can arrange for Personal Data to be corrected, blocked or deleted at any time, (showing appropriate proof of email ownership), by submitting a request in writing at: [email protected].

Did this answer your question?