Fundstack is fully compliant with GDPR and Data Protection legislation in the EU.
Due to the sensitive nature of the data Fundstack is processing, strong data protection is paramount for the success of Fundstack’s clients as well as its own. As a European-based business, Fundstack complies fully with GDPR legislation.
Importantly, the client is the owner of all data on the platform (“Controller”). Fundstack only acts a “Processor” and processes data according to the client’s instructions. This means that we cannot use the data for any other purpose. You can see these legal obligations in clause 11 of our Terms and Conditions. Further, clients can also enter into a GDPR Amendment which specifies the data protection obligations of Fundstack in detail. This will be signed in addition to the main Order Form (if required).
The legal obligations also work in conjunction with several technical measures, such as encrypted client data and permissioned-based account access.