Ensuring GDPR
compliance with

Deadline: 25 May 2018

The EU General Data Protection Regulation (GDPR) was adopted two years ago and companies must have implemented its requirements by 25 May 2018. A not insignificant task.

With Brainloop solutions, companies can ensure that they comply with GDPR requirements across a broad range of use cases.



GDPR-compliant data encryption

All data within Brainloop applications is always encrypted – on the server, during transmission, and in the various apps and clients.

Verifying security of outsourced data processing: required by GDPR

Brainloop provides its customers with a contract extension concerning subcontracted data processing as standard.

It also has an ISMS with all necessary technical and organisational measures, including:

  • ISO 27018
  • ISAE 3402 (Type II)
  • TCDP certification (protection category III)

Recoverability and availability – guaranteed by contract


  • All Brainloop data is stored in high-availability data centres
  • Brainloop stores data exclusively in a choice of data centres in Britain, France, Germany, Austria, Switzerland and Luxembourg 
  • Equipped with state-of-the-art backup and disaster recovery technologies
  • Service level agreements ensure contractually-binding availability