Rheaply GDPR

Use sidebar to navigate.

General Data Protection Regulation – Last Updated November 28, 2023

As a global application service provider, in accordance with our information security and data privacy practices as Data Controller, Rheaply complies with all applicable data privacy regulations. We are providing the following information in order for users and customers to understand our compliance posture.

Questions and comments can be sent to ciso@rheaply.com, or you can read our privacy statement for more information.



Individual Responsible for GDPR Compliance

Peter Tucker, CTO

Purpose of Processing

Functionality of the Rheaply platform is dependent upon use of some PII. More information on what PII Rheaply collects and how it’s used can be found here.

Lawful Basis for Collection & Processing

GDPR Article 6(1)(a) – consent

Data Subject Access Requests

Requests for data access, modification or deletion may be sent to ciso@rheaply.com

Data Protection and Information Security 

Rheaply maintains a comprehensive system to monitor and protect the confidentiality and accessibility of our data, which is audited annually by a third part assessor. Our current SOC 2 Type II report is available on request and our trust report can be found here

Breach Notification

Any breach of sensitive data will be quickly reported to affected parties according to our Incident Response Policy and applicable regulations.