background blue with waves

Closely GDPR Compliance

Closely complies with the General Data Protection Regulation (GDPR) and all applicable regulations which allows us to deliver high-quality and safe services to our clients and partners.

We are fully committed to upholding the principles of the GDPR. Closely has implemented extensive measures to ensure compliance and integrated privacy by design into all aspects of our operations. We also put in place security controls for both physical and digital behavior. Our employees are trained to handle information safely and avoid any potential vulnerabilities in our systems. All the processes are regularly reviewed and updated to stay current with evolving best practices and regulatory requirements.

We handle the data with the best care; when we process it on behalf of our clients or partners, we strictly follow their instructions as data controllers. Closely aligned its practices to the GDPR and will assist our clients in adhering to their responsibilities to the GDPR. Additionally, we always assist our data controllers with their Data Protection Impact Assessment and facilitate an audit of the data processing in accordance with the GDPR.

Please find out more on how we process and protect personal data below.

Role of Closely

When we process personal data, Closely may be both a data controller and processor:

Data that Closely may process for clients/partners (“clients”) when performing services

Business Data

Closely may obtain business data of businesspeople and companies. “Business Data” — name, business email address, business phone number, website, and social media account address, including LinkedIn URL-address, job title, seniority and role, company name, country/state of business, other publicly available business data from different sources:

Shared Data

When using the Closely services and platform, our clients may contribute Business Data about themselves or other businesspeople and companies. The Shared Data may cover name, business email address, phone number, including business one, website, and social media account address, including LinkedIn URL-address, job title, seniority and role, company name, country/state of business, other data rendered by clients to Closely. Closely may also collect the Shared Data:

Other Clients’ Data

Closely may process the following categories of clients’ data to provide services:

For more details, please see the Closely Privacy Policy.

Where does Closely store data?

Closely uses Hetzner Cloud and AWS as our cloud servers providers. All the data is stored in Germany and Finland data centers. Our database is fully encrypted and all the data is encrypted both at rest and in transit. Please find out more about our security process here.

Who has access to the data?

Closely protects all the data it processes from unauthorized access. All information circulating in the system is subject to the availability minimization and least-privileges principles. We implemented such an approach both on organizational and technical levels. Thus, access to the data may obtain two categories of users only: (1) Closelys employees who are directly engaged in delivering the Closely services, and (2) clients' personnel assigned by such clients to use the Closely platform.

Equipment of Closely employees is always protected by encryption and other technical measures as required by the security standards. That is why when our specialists access the data, the information keeps being processed in a safe environment.

How does Closely transfer data abroad?

If we need to transfer personal data outside of the EU or EEA, we only do so in accordance with the legal mechanisms that are providing an adequate level of protection and aligned with the GDPR. If a data recipient is not a resident of a country ensuring adequate protection of the personal data according to the EU approaches (Andorra, Argentina, Canada, Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Republic of Korea, Switzerland, the United Kingdom, Uruguay), we always conduct Data Transfer Impact Assessment before any transfer. Any transfer is subject to the Standard Contractual Clauses.

How does Closely choose vendors?

We understand the importance of safeguarding our clients’ information and maintaining the highest level of security. As such, we take a rigorous approach when selecting vendors to work with. We only partner with vendors who demonstrate a strong commitment to security and privacy, and who have a proven track record of delivering reliable and trustworthy services. Our rigorous selection process ensures that our clients can trust that their data is being handled securely and with the utmost care. Vendor risk assessments are conducted before doing business with a new vendor and revisited when the relationship with the vendor changes significantly, including contract renewals. All vendors are required to be reassessed annually.