Sitecore and GDPR
We take your personal data seriously.
At Sitecore, we understand the value of data and the importance of protecting it
As of May 25, 2018, the General Data Protection Regulation (GDPR) protects the rights of Europeans to access and control their personal data. This means any brand that markets to prospects in Europe needs to be able to comply with such requirements as transferring an individual’s data to them or deleting it completely upon a user’s request. At Sitecore, we’re working across our organization to ensure compliance with the GDPR and other privacy laws, and understand that our customers will want to know how they can configure Sitecore products and services in a way that will help them with their own compliance efforts.
Sitecore is committed to the privacy-first philosophy of the GDPR and emulating that in our processes and products. With that in mind, we have taken a number of steps to ensure our ongoing compliance and our Privacy Team is implementing an ongoing data protection plan that covers all areas of our business.
How Sitecore can help
Organizations whose data is spread across multiple siloed systems and databases are confronted with a significant challenge ensuring they can comply with the new GDPR requirements. Sitecore Experience Cloud™ is not only secure by default, but developed with a privacy-by-design approach: Its digital experience and commerce platforms can be configured to collect, connect, and store customer data at the individual level, which means you have an easier process for managing it—since it’s all in one place.
Read our white paper about how Sitecore supports GDPR →
Get in touch
Sitecore recommends working with your legal counsel to assess your own risks and to understand the applicability of any law or regulation to your business, including how you process data. For more information about Sitecore's data protection and security framework, contact us or visit the Trust Center.