How we’re preparing for GDPR

What is GDPR?

The General Data Protection Regulation (“GDPR”) is a new European privacy regulation which will replace the current EU Data Protection Directive (“Directive 95/46/EC”). The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection law.

To whom does GDPR apply?

The GDPR applies to all organizations operating in the EU and processing “personal identifiable data” of EU residents. Personal data is any information relating to an identified or identifiable natural person.

To what implications does GDPR have for organizations processing the personal data of EU citizens?

One of the key aspects of the GDPR is that it creates consistency across EU member states on how personal data can be processed, used, and exchanged securely.

Organizations will need to demonstrate the security of the data they are processing and their compliance with GDPR on a continual basis, by implementing and regularly reviewing robust technical and organizational measures, as well as compliance policies.

At OneSky, we value your privacy. We’re committed to keeping the information you provide to us secure and confidential. With that in mind, we’ve made some updates to our Terms of Services and Privacy Policy to comply with the new requirements under the EU General Data Protection Regulation (GDPR) coming into effect on May 25, 2018.

What data we are collecting from you?

  • Identity information
  • Contact information
  • Profile information
  • Feedback and correspondence
  • Financial information
  • Transaction information
  • Usage information
  • Marketing information

Check out OneSky Privacy Policy for more details.

How we use your personal data?

General Uses

(a) operate, maintain, administer and improve the services;
(b) process payments you make through the services, and send you related information, including purchase confirmations and invoices;
(c) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages;
(e) respond to your service-related requests, questions and feedback;
(f) monitor and analyze trends, usage, and activities in connection with our website, services and for marketing or advertising purposes;
(i) personalize our website and services, including by providing features or advertisements that match your interests and preferences; and
(j) for other purposes for which we obtain your consent.

Check out OneSky Privacy Policy for more details.

Your Rights

You may be entitled to:

  • opt out from processing of your personal Information for direct marketing purposes;
  • request information regarding the processing of your personal Information, including to be provided with a copy of your personal data;
  • request the correction and/or deletion of your personal Information, or object to the processing of your personal Information;
  • request the restriction of the processing of your personal Information;
  • request receipts or transmission to another organization, in a machine-readable form, of the personal Information that you have provided to us; and
  • complain to your local data protection authority, or to a court of law, if your data protection rights are violated. You may be entitled to claim compensation for damages or distress incurred or suffered as a result of unlawful processing of your personal Information.



The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. Check out Security Page for more details.

List of Data Subprocessors

Welcome to OneSky’s Subprocessor repository page where we maintain a current list of Subprocessors authorized to process customer data for OneSky’s services. OneSky imposes data protection terms with each Subprocessor regarding their security controls and applicable regulations for the protection of personal data.

Entity Name Entity Location
Amazon Web Services, Inc. USA
Logentries USA
SendGrid, Inc. USA
Zendesk USA
Heap, Inc. USA
Intercom, Inc. USA
Firebase USA
ObjectLabs Corporation USA
ChartMogul Ltd United Kingdom
Xero Limited. New Zealand
HubSpot, Inc. USA


What OneSky has prepared for GDPR?

    • 1. Updated our Terms of Services and Privacy Policy to simplify the language around our data policies to make it clearer and more understandable


    • 2. Coordinate with our partners

All vendors are required to sign an EU Data Protection Agreement prior to working with us. This document addresses common requirements concerning Notice, Choice, Onward Transfer, Access, Security, Data Integrity and Enforcement of the Personal Data with respect to the vendor’s Personal Data. Any vendor has the right to terminate its working relationship with us and request the deletion of Personal Data pertaining to them.

    • 3. Educate OneSky employees

Our team is educated on changes related to GDPR and other data handling practices so all employees understand our security standards and commitment to privacy for our users.

    • 4. Take security measures

We take a holistic, risk-based approach to security. This means the platform secures your data in transit and at rest, restricts and secures data access, and provides continuous incident monitoring.

    • 5. Prepare Data Processing Agreements (DPAs)

Any third-party service providers that are utilized by us will only be given access to Your Account and Service Data as is reasonably necessary to provide the Service and will be subject to their implementing and maintaining compliance with appropriate technical and organizational security measures. Check out OneSky Data Sub-processor list for more information.

Our Data Processing Agreements have been updated. For more information on how customers can enter into it, contact OneSky at

    • 6. Certify for International Data Transfers

Transfers of personal data outside the European Economic Area (EEA) are permitted as long as certain safeguards apply. Our customer DPA contains the EU Model Clauses, which are industry standard for data safety. This means that we agree to protect any data originating from the EEA in line with European data protection standards.

    • 7. Prompt breach notifications

In line with our current policies, we will promptly inform you of any incidents involving your users’ personal data.

We look forward to continuing to build on our commitment to data security and privacy. If you have any questions about how GDPR affects you as a customer, our support team is happy to help.

Agnes Ng

Popular post

10 Responses

  1. amirah says:

    This blog post provides some clarity on our upcoming changes for GDPR, our ongoing work to keep your data protected, and helps your organization in your own efforts as you prepare for this important new regulation.Thank you…

  2. Saanvi Royal says:

    Good read, Thanks for your blog for giving good info. Keep posting such an informative posts.

    Mobile Apps Development Company In Dubai

  3. Peaky Sports says:

    Amazing info which gives clear idea about GDPR.

    Watch Cricket World Cup

  4. Puli Raja says:

    it’s really us to learn more and more about a topic. you can see more information on

  5. Siddique says:

    Do you know which is the best automation company in UAE Here is your answer. Lazulite

  6. arthur shelby says:

    Get more followers and likes using wefbee apk for auto follow requests and many other automated features.

  7. Mia Walker says:

    The best accounting software to file VAT in Pakistan is web desk Software of ICT systems . Today if you are looking to start your business in Pakistan and looking for affordability and best software features. You can get all these features at web desk ERP.accounting software in karachi

  8. Frey Karts says:

    This is perfect specially today where everyone are at home and the only thing that could do is use internet. Most transactions are done online whether it be banking or buying goods.
    our service

  9. Nice info thanks for sharing the best info really nice web designers and developers

  10. Savannah says:

    Keep posting such an good posts, If you Are you looking for a registered home care services and NDIS or NDIS disability provider based in Australia? At Authentic Life Care, we are a registered NDIS services provider. For more please visit at NDIS provider

Leave a Reply

Your email address will not be published. Required fields are marked *


Localization Resources
to get you started