We value your privacy
Full GDPR Compliance
- Gender-API.com services are in full compliance with the GDPR
- All our servers are located in Germany
- The data is processed within the EU
Actively Managed Servers
- All our servers are behind a firewall
- All our servers are monitored
- Critical server patches are applied within 24h
- Our infrastructure setup is managed, documented and versioned
- Regular vulnerability scans
Data Deletion Policy
- We do not store any data longer than necessary
- Server log files are kept for 14 days. These log files contain information about your request (date, IP, URL, browser agent, submitted name, country code, API key) and are stored for accounting reasons
- Uploaded and processed Excel / CSV files are deleted after ten days if they have not been deleted by the user in the respective account
- All uploaded files are stored encrypted on disk
Account Security
- Our password policy requires a complex password with at least 8 characters
- You can enable a two-factor-authentication in your account
- Manage and control, who from your team can access your account
- You can request the deletion of your account and all uploaded files at any time
Data Processing Agreement
- We do not share your data with any third party
- Your data is solely used for the gender enrichment process
- We provide a Data Processing Agreement (DPA) that you can request in your account
- A list of all our subcontractors can be found here
Cookies
SSL Encrypted Traffic
- The entire communication between you and our server is encrypted
- We support AES_256_CBC up to TLS 1.3 to give you the best possible privacy protection
Backups
- Our backups are stored in a remote location
- All backups are saved to encrypted volumes
- Data recovery from backups is tested on a regular basis