Log In Start Building for Free
User Log In Free Trial
Explore Solutions

Read how you can revolutionize your operation with Knack.

Read Customer Stories

Knack builders are succeeding.

DeRock Electric
Digitization boosts DeRock Electric’s operations, efficiency, and profitability.
CureTech
Built a a HIPAA-Compliant Start-Up and saved $250k+ saved/year.
Try Interactive Demo

Get a quick taste of Knack.

Comprehensive Guide: How to Build Construction Software to Manage Operations
In the construction industry, finding the right software solution can…
How to Build a Web Portal
Building a web portal can transform the way you manage…
How to Build Apps Without Coding in Knack
Creating a web app without any coding experience is now…
Template Marketplace

Expedite your app build with a pre-built template.

GDPR Compliance

in 2016, Europe adopted a new set of data protection laws called the General Data Protection Regulation (GDPR).

These laws are meant to protect the personal data of EU citizens and have been in effect since May 25th, 2018.

We take data security very seriously and have worked to ensure GDPR compliance by the enforcement date.

This page outlines that regulation and provides more details to ensure you are following compliance regulations for your own applications and data.

What is the GDPR?

The European Commission approved and adopted the new General Data Protection Regulation (GDPR) in 2016.

This regulation aims to give EU-citizens more control over their data, and create uniform privacy rules to enforce across the EU. This will be replacing the EU Data Protection Directive as well as local laws relating to it.

Although this law originates in the EU the reach of these regulations is global. Any business holding personal data on customers, prospects, or employees based within the EU are subject to the new regulations.

The GDPR defines “personal data” as any information related to a natural person or ‘Data Subject’ that can be used to directly or indirectly identify the person.

Is Knack compliant with the GDPR?

Yes. We’ve long maintained data centers in Europe to ensure data for our European customers is not leaving the EU. We can confirm that all Knack accounts which house data in these EU data centers comply with the GDPR as of May 25th, 2018.

To further comply with the GDPR we’ve worked on implementing the following:

Features

We’ve added a new feature that will enable you to easily and completely delete all data linked to an individual user.

More information on this can be found here.

Agreements

We’ve created a new Data Processing Agreement (DPA) that explains the privacy considerations in place and our terms for meeting GDPR compliance.

If you are a current Knack customer who would like to enter into a DPA with us, you can do so by navigating to your App Settings. At the top, navigate to the Info tab and you’ll see a link to View & Sign under the section: Agreements.

You’ll need to download, review, and sign the agreement. You can then return it back to us by sending the signed DPA to: dpa-submissions@knack.com

Team Changes

We have appointed a Data Protection Officer to oversee and maintain policies as they relate to data management.

To contact the Data Protection Officer at any time, please reach out to complaints@knack.com

We’ve also augmented our team training to accommodate needs associated with GDPR.

Data Transfers

We currently maintain data centers within the European Union – specifically, Frankfurt, Germany.

All of the data for these EU apps are completely isolated to these servers, including the jobs and backups, to ensure no data ever leaves the EU. This data is 100% encrypted both in transit and at rest.

If you are unsure if your data is currently housed in our EU data center, you can check within your App Settings to confirm. At the top, navigate to the Info tab and you’ll see where your data is hosted under the section: Data Location.

Sub-processors

We use certain sub-processors in the general running of our business and to assist Knack in providing its services to our customers. A sub-processor is a third party service provider or data processor engaged by Knack, who has or potentially will have access to or process personal data. Knack engages different types of sub-processors to perform various functions as explained in the table below. We will update this list if we add or change any sub-processors in the future, so please check back from time to time for the most recent list of sub-processors.

Sub-processorCountry of StorageDescription of Processing
AlbatoUS, Germany, AustraliaAutomation service to connect apps and APIs
Amazon Web ServicesUS, Germany, AustraliaInfrastructure and hosting for all Knack services and data
DatadogGermanyInfrastructure monitoring and analytics
GoogleUSCustomer analytics
Robot and spam mitigation
HubspotUSCustomer relationship management
IntercomUSCustomer support chat and communication
LogRocketUSCustomer session analytics
PendoUSCustomer session event tracking
RudderStackUS, GermanyProduct behavior analysis
SendgridUSEmail communications
StripeUSPayment processing
SvixUS, GermanyWebhooks as a service

Do you need to do anything to be compliant?

The short answer here is yes. Although we can make sure that the information we collect and store is compliant, the actions you take in acquiring information from your own users may require additional steps to be compliant.

Some steps you can take are:

  • Read up on the GDPR and how it may impact your business.
  • Discuss any potential changes you may need to make with your attorney.
  • Take a fresh look at all the existing information you process and how it’s processed, to determine if any changes need to be made.
  • Keep information privacy at the forefront of your mind when developing new applications, and auditing your current applications.