> ## Documentation Index
> Fetch the complete documentation index at: https://docs.voucherify.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Security and data protection

> Data privacy regulations and instructions on how to execute data protection procedures

If you sell or offer products or services to customers based in the EU, you must adhere to the *General Data Protection Regulation* (GDPR). Moreover, if your business operates in California, your services need to be compliant with the *California Consumer Privacy Act* (CCPA).

<Note>
  Here are key resources regarding security and data protection:

  * [Visit Data processing agreement](https://www.voucherify.io/legal/data-processing-agreement)
  * [Contact Data Protection Officer](mailto:dpo@voucherify.io)
  * [Visit Security and data protection policy](https://www.voucherify.io/legal/security-policy)
</Note>

## Voucherify commitment to data privacy and GDPR compliance

The [General Data Protection Regulation](https://gdpr-info.eu/) (GDPR) is a European privacy law approved by the European Commission and it aims at strengthening, modernizing EU data protection law, and enhancing individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right.

Voucherify is a GDPR-compliant data processor. To find the comprehensive security and data protection measures implemented at Voucherify, visit [the legal section](http://www.voucherify.io/legal).

Read the overview of GDPR requirements met at Voucherify.

<AccordionGroup>
  <Accordion title="Data Processing Addendum (DPA)">
    Voucherify offers a Data Processing Addendum (DPA) for customers who collect data from individuals in the EU. The DPA provides contractual terms that meet GDPR requirements and reflect Voucherify's data privacy and security commitments.
  </Accordion>

  <Accordion title="GDPR-compliant vendor contracts">
    Voucherify uses trusted vendors and maintains signed data processing agreements with all partners that subprocess sensitive data. This vendor management approach ensures that customer data is stored and processed in secure, compliant environments.
  </Accordion>

  <Accordion title="Employee security training">
    The Voucherify Data Protection Officer (DPO) ensures all employees receive training on handling sensitive data and avoiding social engineering attacks. Access to the Voucherify platform is controlled by a managed and audited security policy.
  </Accordion>

  <Accordion title="Terms of Service and Privacy policy">
    Voucherify maintains updated [Terms of Service and Privacy policy](https://www.voucherify.io/legal "Voucherify policies and procedures portal") to remain fully compliant with GDPR. These documents describe what personal data Voucherify collects, the purpose of processing, and how long the data is stored.
  </Accordion>

  <Accordion title="Data Protection Impact Assessment (DPIA)">
    Voucherify uses a Data Protection Impact Assessment (DPIA) process to identify and minimize data protection risks. Every change to the software or organizational procedures triggers a privacy review to mitigate potential consequences for clients.
  </Accordion>

  <Accordion title="Data access, portability, and deletion">
    Voucherify includes features to support data regulations regarding the right to portability, the right to be forgotten, and the right to rectification. You can manage these requirements through the dashboard or API.
  </Accordion>
</AccordionGroup>

### Data Protection Officer

Voucherify works with clients to answer any questions and address any concerns regarding how their data is protected in compliance with the GDPR standards. If you have any questions, [contact Voucherify compliance](mailto:compliance@voucherify.io).

### How to execute GDPR procedures in Voucherify?

Learn more about standard procedures in Voucherify related to GDPR regulations.

<AccordionGroup>
  <Accordion title="How to remove your account permanently?">
    Submit a ticket through the [support page](https://www.voucherify.io/contact-support). The Voucherify team will remove your account and all underlying data from the data center and third-party providers.
  </Accordion>

  <Accordion title="How to remove a team member permanently?">
    To remove a team member permanently, you can use one of the following methods:

    * Voucherify dashboard: The account owner can remove user data directly through the dashboard:

          <Steps>
            <Step title="Locate the user">
              Log in to the dashboard and go to **Team settings** > **Team**. Find the specific member you want to remove.
            </Step>

            <Step title="Delete the user">
              Open the three-dot menu **⋮**, select **Delete**, and confirm the action.
            </Step>

            <Step title="Permanent removal">
              Once the user is deleted, click **Remove permanently** in the three-dot menu **⋮** and confirm the action.
            </Step>
          </Steps>
    * Contact support: The account owner can remove a team member by reaching out to [Voucherify support](https://www.voucherify.io/contact-support).

    The member data is removed permanently.
  </Accordion>

  <Accordion title="How to update customer data?">
    You can update or remove customer data using these options:

    * Dashboard Edit: An account admin can go to **Customers**, locate the specific customer profile, and edit the information.

    <Note>
      Read [Manage customers](/prepare/customers) to learn more about customer management.
    </Note>

    * Contact support: The admin or the customer can contact [Voucherify support](https://www.voucherify.io/contact-support) directly, for example when you no longer have access to Voucherify dashboard. Customers must provide the necessary information to identify their organization and records. Voucherify will notify the organization administrator if a customer requests a manual update.
  </Accordion>

  <Accordion title="How to export your customer data?">
    You can export your customer data as CSV or JSON files through two primary methods:

    * Dashboard: Use the [dashboard export tool](/prepare/customers#export-customer-data).
    * API: Use the [Create export endpoint](/api-reference/exports/create-export).
  </Accordion>

  <Accordion title="How to remove customer data permanently?">
    To delete customer data permanently, use one of these three methods:

    * Dashboard settings: Go to **Team settings** > **Delete people data** to delete data permanently.

          <Note>
            Read more about [Team settings](/manage/team-settings) and deleting people data.
          </Note>

    * API endpoint: Use the [Delete customer permanently API endpoint](/api-reference/customers/delete-customer-permanently) for automated permanent deletion.

    * Manual request: The account admin or customer can contact [Voucherify support](https://www.voucherify.io/contact-support), for example when you no longer have access to Voucherify dashboard. If a customer makes this request, they must provide identification details. The organization administrator will be notified.
  </Accordion>
</AccordionGroup>

All data management actions described above are compliant with the GDPR.

## Email subscriptions from Voucherify

You can manage communication you receive from Voucherify in **My Profile** > **Email subscriptions**.

## California Consumer Privacy Act (CCPA)

Voucherify is fully compliant with [California Consumer Privacy Act (CCPA)](https://www.oag.ca.gov/sites/all/files/agweb/pdfs/privacy/ccpa-proposed-regs.pdf). As a result, Voucherify:

* Informs customers that their personal data is being collected by the Service Provider.
* Informs customers whether their personal data is sold or disclosed and to whom.
* Allows customers to reject the sale of their personal data.
* Allows customers to access their personal data.
* Allows customers to request deletion of any personal information about them.
* Does not discriminate against customers who exercised their privacy rights.

If you have any questions regarding CCPA and Voucherify, [contact Voucherify support](https://www.voucherify.io/contact-support).