Privacy statement - Upwave and GDPR

The General Data Protection Regulation (GDPR) came into effect on May 25, 2018. Here at Upwave, we are committed to respecting your privacy, protecting your data and helping you as a customer to fulfill the new requirements under GDPR.

Data Storage

You data is hosted on Amazon servers in Ireland (European Union). They, and our other third party providers have all undertaken their own measures based on GDPR. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purposes.

Data Access, Management, and Portability

GDPR gives individuals in certain circumstances the rights to access, edit, delete, receive and transmit their personal data. Here are some of the ways Upwave helps its customers be self-compliant:

  • Access rights: In Upwave, admins can delete a user’s personal information upon request.
  • Account administration: Admins can directly access, edit and update billing information and workspace settings.
  • Data portability: Our customers can easily access, import, export or delete data from Upwave.


We are dedicated to protecting your data and have in place extensive security measurements to prevent data leakage, session hijacking, click jacking, man-in-the-middle attacks and other forms of malicious attacks. All communication to and from our servers are encrypted using modern HTTPS protocol. Only key personnel at Upwave can access core data systems.

Data Processing Agreement

We offer Data Processing Agreements to our enterprise customers. Contact us if you want to set up a Data Processing Agreement or if you want more information.