GDPR Compliance

Last updated on November 4, 2021


At, we take your security and privacy seriously. Kindly read our Privacy Policy. We are a GDPR complete complaint service provider and website owner. The privacy policy includes our Cookies Policy ads well.

To comply with the upcoming GDPR from time to time, we’re committed to ensuring that we and our customers adjust to the scope of the changes by being transparent about our practices and how we protect data and privacy.

Our Data Protection Officer can be reached at He is a citizen of France, EU, and a resident there. He is a Data Protection Officer (GDPR DPO) working under “professional secrecy”. Officially declared as it at the French Data Protection Authority (CNIL). Member of the AFCDP (French Association of Data Protection Officers). He is also a Cybersecurity certified with VHL and VHL Advanced Plus (virtual hacking lab) and SPSE certifications (Python for pentesters).

To improve security safeguards and support needed processes, we have already implemented all the instructions and guidelines of GDPR Compliance.

Policy Updates

At, we update the privacy policy from time to time in line with the updates published and announced by the GDPR statutory body, introducing a new usage policy, and introducing a new data processing agreement to sign with customers.

To be fully compliant with the new regulations, we applied for EU-US and Switzerland-US Privacy Shield programs, which cover the transfer of data between the EU and the US.

A new Trust page will be a place to educate customers and prospects and serve as a starting point to submit requests and initiate internal processes related to the rights of the data subjects under GDPR and Privacy-Shield regulations.

New roles (Data Protection Officer and EU representatives) and processes will be in place to help us and our customers become compliant with the requirements of GDPR and EU-US privacy shield regulations.

According to GDPR, these rights/processes include:

  • Access to personal data about a subject.
  • Correction of incorrect personal data.
  • Object to processing personal data on the platform.
  • Delete personal data.
  • Transfer data to another processor or controller.
  • EU-US Privacy shield related.

Clearly stated rights, such as the ability to understand how personal data is profiled or automatically processed.

Ability to file a complaint with GDPR or EU-US Privacy shield authorities

Content Charisma will act as the controller (regarding personal data of our customers) and processor (for the data of customer customers and prospects) to act promptly on any request and to help our customers be compliant to the maximum extent.

Moreover, we expect to automate most of these processes and provide improvements both on the process and products.

Product updates

All personal data, where Content Charisma acts as a processor, is stored in the Heroku and AWS which is a secured and 24/7 supported environment.

Personal data in the cloud, as well as all other details regarding customers, are encrypted by default.

All passwords and login credentials (including access to customer email accounts for service to process) are encrypted.

Administrative features have been implemented to delete and export personal data within Content Charisma on request.