Platform
Product Listing Private Offers Resale Offers Agreements Cosell Billing & Metering Reporting Workflows AI & Intelligence Integrations
Solutions
AWS Marketplace Google Cloud Marketplace Microsoft Marketplace Alliances & Partnerships RevOps Deal Desk Finance Just Getting Started Transform Your GTM Automate to Scale
Pricing
Partner
Resource
Blog Customer Stories Events & Webinars Help Center Docs APIs SDKs Security Changelog
Sign in Get a Demo

Suger's Commitment to GDPR

Suger Inc's GDPR Commitment Notice

Last updated: March 05, 2026

Suger is committed to protecting personal data and supporting our customers in meeting their obligations under the General Data Protection Regulation (GDPR). Our platform is designed with security, privacy, and transparency in mind.

Our Role

When customers use Suger, they typically act as the data controller, determining what personal data is processed and for what purpose.

Suger acts as a data processor, processing personal data only on behalf of our customers and according to their instructions, as defined in our service agreements and applicable privacy terms.

Security and Infrastructure

Protecting customer data is a core priority at Suger. Our platform operates on secure cloud infrastructure provided by Amazon Web Services (AWS), and we maintain a range of safeguards designed to protect customer data, including:

  • Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access Control: Role-based access controls (RBAC) and least-privilege access policies.
  • Development: Secure software development lifecycle (SDLC) and change management practices.
  • Monitoring: Continuous monitoring and vulnerability management.
  • Incident Response: Established procedures for rapid response and notification.

Suger has implemented security controls aligned with the SOC 2 Type II Trust Services Criteria for Security.

Data Processing and Transfers

Suger processes personal data only as necessary to provide and support our services. Where personal data is handled, we rely on industry-standard protections and secure infrastructure to ensure that personal data remains protected regardless of its location.

Subprocessors

We work with a limited number of trusted service providers (subprocessors) to operate our platform and deliver services to customers. All subprocessors are carefully selected and required to maintain appropriate confidentiality and security safeguards consistent with applicable data protection best practices.

Supporting Data Subject Rights

GDPR provides individuals with rights regarding their personal data, including the right to access, correct, or delete their information.

Because Suger processes personal data on behalf of customers, requests from individuals should typically be directed to the relevant customer (the data controller). Suger supports customers in responding to these requests where required.

Privacy by Design

We apply privacy-by-design principles when developing and operating our platform, including limiting data collection to what is necessary for service functionality and regularly reviewing our compliance practices.

Learn More

For more information about how Suger handles personal data, please review our Privacy Policy.

If you have questions regarding data protection or GDPR, please contact: support@suger.io