Data Security & Compliance
You are in good hands. We take good care of your data at inMobile.
The EU's General Data Protection Regulation (GDPR) and its resulting rules on the protection of personal data came into force May 25, 2018.
Since then, we have prioritised developing necessary measures so that you can comply with all GDPR rules.
inMobile has an ISAE 3000 assurance report
The ISAE 3000 assurance report is our customers' guarantee that we comply with applicable GDPR requirements.
inMobile processes large amounts of data every day, and we act as a data processor for our customers.
Our customers are data controllers and thus obliged to supervise us and all other data processors and suppliers.
This can be a daunting task for many and often comes at a high cost. That's why we've made it easy for our customers to supervise us – and we even save you that expense.
The auditing firm Deloitte prepares an ISAE 3000 assurance report every year. Deloitte supervises inMobile and thereby ensures that we comply with GDPR when processing your data.
Why we host in the EU
inMobile exclusively hosts in European-owned data centres located in the EU, as many public and private companies feel insecure about handing data over to foreign powers. We guarantee that your data will not leave the EU.
GDPR features
Automatic deletion routine
inMobile allows the data controller to set an automatic deletion routine for SMS messages sent and received via the data controller's inMobile account. The data controller can thereby change the retention period for the content of the SMS messages that you send and receive via your inMobile account.
Request deletion
inMobile allows the data controller to request the deletion of a phone number and all personally identifiable information associated with that phone number on the data controller's account in inMobile.
Export data for a mobile user
inMobile allows the data controller to request to receive all information associated with a mobile number on the data controller's account in inMobile.
Content anonymization
inMobile allows the data controller to anonymize sent and received SMS messages immediately after they are processed in inMobile. The last four digits of the phone number are replaced with ???? and the content is removed.
Your obligations and legal grounds for collecting personal data
A major part of GDPR is that you must obtain consent to store a mobile user's personal data and explain why you collect the data in question.
In addition, you must state that you are using inMobile as a data processor, and to comply with GDPR, your terms must reflect that you are collecting personal data.
The Danish Data Protection Agency: Why you have a duty to supervise your data processors
"The controller must fulfil the requirement of accountability and be able to demonstrate that processing of personal data complies with the rules of the GDPR. In the opinion of the Danish Data Protection Agency, the data controller will not be able to fulfil the above requirements simply by entering into a data processing agreement with the data processor. The data controller must therefore also supervise compliance with the data processing agreement, including that the data processor has implemented the agreed technical and organisational security measures."
Order Data Processing Agreement & ISAE 3000 assurance report from Deloitte
We've saved you the trouble
See how inMobile complies with GDPR. We've made it easy for you to supervise us, so you can focus on other important areas of your business.