Data Protection

GDPR Compliance

Your data security is not a feature — it's a foundation. Here's how 8D Report protects your data and complies with the General Data Protection Regulation.

EU Data Residency

All data is stored and processed within the European Union on Microsoft Azure data centers.

Encrypted Everything

Data encrypted at rest (AES-256) and in transit (TLS 1.2+). No exceptions.

Microsoft Azure

Enterprise-grade infrastructure with ISO 27001, SOC 2, and GDPR certifications.

Your rights under GDPR

As a user of 8D Report, you have full control over your personal data.

Right to Access

Request a copy of all personal data we hold about you at any time.

Right to Rectification

Update or correct your personal data if it is inaccurate or incomplete.

Right to Erasure

Request deletion of your personal data. We will comply within 30 days.

Right to Portability

Export your data in a structured, machine-readable format.

Right to Object

Object to processing of your data for specific purposes, including marketing.

Right to Restrict

Request that we limit how your personal data is processed.

Technical & organizational measures

Infrastructure

  • Hosted on Microsoft Azure EU data centers
  • AES-256 encryption at rest
  • TLS 1.2+ encryption in transit
  • Automated daily backups with geo-redundancy
  • 99.9% uptime SLA

Access Control

  • Role-based access control (RBAC)
  • Scoped external collaborator access
  • Session management with automatic timeout
  • Audit logs for all data access and modifications

Data Processing

  • Data processed only within the EU
  • No data sold or shared with third parties for marketing
  • Sub-processors limited to essential services (Azure hosting, email delivery)
  • Data Processing Agreement (DPA) available on request

Incident Response

  • 72-hour breach notification to supervisory authority as required by GDPR
  • Affected users notified without undue delay
  • Documented incident response procedures

Data Processing Agreement

We provide a Data Processing Agreement (DPA) to all customers who require one. The DPA outlines our obligations as a data processor, the categories of data processed, sub-processors used, and the technical measures in place.

Request DPA

Data Protection Contact

For any questions regarding data protection, GDPR compliance, or to exercise your data rights, contact us:

info@8dreport.com
Promigra d.o.o., Krasinec 47a, SI-8332 Gradac, Slovenia

Security questions?

We're happy to answer any questions about how we protect your data. Reach out anytime.

Contact Us Start Free Trial