GDPR

GDPR compliance information for Bitrix24 users from the European Union

Bitrix, Inc. is committed to meeting General Data Protection Regulation (GDPR) requirements, which came into effect on May 25, 2018. Please refer to the information below for details.
  • Data Processing Agreement

    Bitrix, Inc. provides all of its customers from the European Union with the digitally signed Data Processing Agreement and information about Bitrix24 infrastructure and sub-processors. Simply print the signed DPA and add your company information. To finalize the process, Bitrix24 account administrators also need to provide all necessary information in the account settings (GDPR Compliance section) for our records keeping. Once done, the Agreement comes into effect.

    International Data Transfers

    Data in Bitrix24.eu, Bitrix24.de, Bitrix24.pl, Bitrix24.ua and Bitrix24.fr domain zones is hosted inside the European Union in Frankfurt, Germany with Amazon Web Services data centers, which are fully GDPR compliant - https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/.

    Bitrix24.com, Bitrix24.in, Bitrix24.es, Bitrix24.com.br, Bitrix24.tr, Bitrix24.cn, Bitrix24.kz, Bitrix24.ru and Bitrix24.by accounts are hosted OUTSIDE the European Union, thus international data transfers take place. We recommend Bitrix24 users from the European Union use Bitrix24 accounts that are hosted in the European Union. Please note that commercial Bitrix24 account users can request their data to be transferred to the EU data centers via helpdesk - https://helpdesk.bitrix24.com/ticket.php. On-premise Bitrix24 editions are also available for purchase.

  • Security Statement

    We take a number of steps to protect the security and integrity of data stored with Bitrix24. All web connections for data transfer encrypted, data is isolated, and two factor authorization is available (Bitrix24 OTP or Google Authenticator). Full information on Bitrix24 security mechanisms and protocols is available at https://www.bitrix24.com/security/.

    Data Portability and Anonymization

    We provide special marketplace applications that allow Bitrix24 administrators to comply with GDPR data pseudonymization and portability requirements. The first application anonymizes personal data for any Bitrix24 user upon request. The second application allows any Bitrix24 user to download personal data collected inside their account.

  • GDPR FAQ

    This section is reserved for most frequently asked questions about GDPR compliance and Bitrix24 use.

    Privacy Policy

    Privacy and cookie policy for Bitrix24 users from the European Union has been updated in order to meet GDRP requirements. The updated policy for Bitrix24 is available at http://www.bitrix24.com/privacy/.

4.000.000+
organizations
are already using Bitrix24