Cratio's commitment to GDPR

GDPR Overview
Right to data is a fundamental for every individual. With organizations across the world collecting customer data to enable them to provide services. It becomes important that companies manage data in a transparent manner with the customer’s consent.
GDPR is one of the most important change to data privacy regulations in the last two decades. It stands for “General Data Protection Regulation”. It establishes a new framework for handling and protecting the personal data of EU-based residents which comes into effect on May 25, 2018. It provides the citizens of the EU greater control over their personal data and assures that their information is being securely protected across Europe.
Does GDPR affect you?
Although GDPR is a data protection framework for the citizens residing in the EU. It also applies to all companies that handle personal data of individuals from the EU, which means almost every major corporation in the world will need to be ready when GDPR comes into effect.
If you or your organization stores and processes personal data in connection with services or goods offered in EU, then the laws will apply to you. Also, in the event of infringement of these laws, you can face fines and penalties from 10 million to 20 million or 2% to 4% of the annual revenue of the organization depending upon whichever is higher.
Our commitment to GDPR
We are fully committed to being GDPR compliant by the 25th of May, by when the regulation comes into effect. Over the past few months, multiple internal teams have been working towards making sure that we are aligned with the GDPR framework. Also, we’ve built product features for great privacy and data control for our product.
At Cratio, as an organization, we have always implemented and practised processes which ensure that customer data is stored and processed in ways only necessary to serve our customers in the best possible way. Our privacy, security & data storage policies are also streamlined with the GDPR goals and objectives. Visit our privacy policy page for more details.
Individual Rights, Subject Access, and Communication
The GDPR program thoroughly evaluates how Cratio, both as a data controller and processor, is placed with its existing procedures for readiness to:
Provide rights of individuals under GDPR
Assist customers in responding to data access requests from individuals.
Features built for GDPR readiness
  • Right to be Forgotten
  • Cratio lets you delete customer/contact data permanently. You can delete the customer/contacts’s profile and all the data associated- like activities, history, leads, etc.

  • Right to Portability
  • Cratio supports export request from data subjects. A subject can export user contact details, leads, contacts as needed.
    An export request from a data subject would have to be routed via the admin who validates if the requestor is genuine.

  • Right to Rectification
  • The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. End-users and users in Cratio can rectify any errors in their personal data by editing their profiles..

Do I need to move my data to an EU data centre ?
GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on the transfer of personal data outside the EU. GDPR only mandates that such transfers be legitimised through any of the mechanisms provided in the regulation.
We at Cratio are committed to providing a product which enables our customers to provide customer service responsibly by implementing and adhering to prescribed compliance policies, both as a data controller and processor. The upcoming GDPR enforcement is critical to our mission of providing EU and all our global customers with safe and dependable customer support software.
For more information or questions about the Cratio Privacy Policy, please contact

Disclaimer: This is for informational purposes only and should not be relied upon as legal advice or to determine how GDPR might apply to you and/or your organisation. We encourage you to obtain independent professional advice, before taking or refraining from any action on the basis of the information provided here.