Loomio GDPR compliance


The EU General Data Protection Regulation (GDPR) came into effect on May 25, 2018. Loomio is GDPR compliant.

How does the GDPR affect Loomio group owners?

If you have any EU personal data (such as names, email addresses, ID numbers) in your Loomio group, you are a Controller of personal data under the GDPR.

Loomio Co-operative Limited is a data processor

Processing EU personal data must be governed by a GDPR-compliant contract.

We provide a standard Data Processing Addendum (DPA) to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed.

Third party data processors

Loomio uses third party subprocessors such as cloud computing services to provide our services.

We enter into GDPR-compliant data processing agreements with each party. Data subprocessors used by Loomio

What rights do EU-based Loomio users have under the GDPR?

Under the GDPR, EU-based Loomio users have:

Data Protection Officer

Loomio has appointed Robert Guthrie as the DPO for Loomio Cooperative. Enquiries can be sent to dpo@loomio.org.