Legal
GDPR & Data Protection
Last Updated: Jun 10, 2026
SmartTask is committed to protecting personal data and helping our customers use SmartTask in a privacy-conscious and compliant manner.
This page provides an overview of how SmartTask supports customers with data protection requirements, including the General Data Protection Regulation (GDPR). It is intended as a general overview and should be read together with our Privacy Policy, Terms of Service, Data Processing Addendum, and Subprocessors page.
Our Role#
When SmartTask processes personal data on behalf of a customer in connection with the use of the SmartTask service, the customer typically acts as the Controller and SmartTask acts as the Processor.
Where a customer uses SmartTask on behalf of another organization, SmartTask may act as a Subprocessor.
The specific roles, responsibilities, and processing terms are set out in our Data Processing Addendum.
Data Processing Addendum#
For business customers, our Data Processing Addendum explains how SmartTask processes personal data on behalf of customers.
The DPA includes details about:
- The subject matter, nature, and purpose of processing
- Categories of data subjects and personal data
- Customer and SmartTask responsibilities
- Security measures
- Subprocessors
- International data transfers
- Data subject requests
- Deletion and retention
- Audit-related information
You can review our Data Processing Addendum here:
Privacy Policy#
Our Privacy Policy explains how SmartTask collects, uses, stores, and protects personal information when users visit our website, create an account, use our service, or contact us.
You can review our Privacy Policy here:
Subprocessors#
SmartTask uses certain third-party service providers to help operate, secure, support, and improve the SmartTask service.
We maintain a list of current subprocessors here:
Security Measures#
SmartTask implements technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.
These measures may include encryption in transit, authentication and access controls, role-based permissions, logging and monitoring, backup and disaster recovery procedures, vulnerability management processes, and confidentiality obligations for personnel.
International Data Transfers#
SmartTask and its subprocessors may process personal data in countries where we or our service providers operate.
Where required under applicable data protection laws, SmartTask uses appropriate transfer mechanisms, including Standard Contractual Clauses or other legally recognized safeguards.
Data Subject Requests#
Customers are responsible for responding to requests from individuals whose personal data is processed through their SmartTask workspace.
Where required by applicable law and the Data Processing Addendum, SmartTask will provide reasonable assistance to help customers respond to valid data subject requests.
If you are an end user of a SmartTask customer and want to exercise your privacy rights, please contact the organization that provided you access to SmartTask.
Contact#
For questions about privacy, data protection, or the Data Processing Addendum, you can contact us at:
Related Documents#
