GDPR & Tally

This page does not serve as legal advice. Please determine together with your legal advisor how GDPR applies to your business.

What is GDPR?Is Tally GDPR Compliant?Do you have a Data Processing Agreement?What happens with form data?How do you use my personal data?Subprocessors

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that allows EU citizens and residents to have access and control over their personal data.

Does it affect you?

If your business is based in the European Union (EU), or you process the personal data of individuals in the EU, the General Data Protection Regulation (GDPR) affects you.

Is Tally GDPR Compliant?

Yes. Tally is based in Belgium (EU) and complies with the GDPR framework. These are the measures we took:

Our privacy policy gives you more information about what data we collect, data retention and transfers, and outlines your data protection rights.

All Tally form data is encrypted both in transit and at rest, and stored in Europe.

Data accessibility: you have full control of the information you collect, store and manage with Tally.

We have a DPA available for you.

For more information, please consult our privacy notice.

Do you have a Data Processing Agreement?

By agreeing to our Terms and Conditions through the creation of your Tally Account, professional users also agree, on behalf of their company, to the content of our Data Processing Agreement and accept to be bound by it. It is not necessary to sign this document.

What happens with form data?

Tally is the provider of a form service, and not the owner of the collected form responses. The form creator is responsible for the data he/she collects and is thus data controller of the respondent data. Tally is the processor and stores information on behalf of the form creators. As long as your account is active you (as the form creator) have full control over the data you collect, and the time period for which you store the data.

You are able to delete or export form responses from your account if it would be required to do so

We honor all deletions, and all form data which has been deleted by you is permanently deleted from our back-ups within 90 days.

Automatically delete submission data after a set period with Tally Business.

How do you use my personal data?

Tally acts as a data controller in the relationship between Tally and our customers (form creators), for the personal information you give us in order to use our service (registration information for example). Tally does not sell personal data to third parties or use it for marketing purposes or for serving advertisements.

We only share your information with our service providers who help us operate our business, in which case those third parties are required to comply with the GDPR framework.

Subprocessors

Name

Description

Country

May process form submissions

Link

Google Cloud

Hosting and storage

🇧🇪

Yes

Learn more

Cloudflare

Storage

🇪🇺

Yes (opt-in: file uploads)

Learn more

Cloudflare

DNS

🇺🇸

Learn more

Sentry

Error monitoring

🇺🇸

Learn more

Stripe

Payments

🇺🇸

Yes (opt-in: payment forms)

Learn more

Missive

Customer support

🇨🇦

Learn more

Mixpanel

Analytics

🇺🇸

Learn more

Hotjar

Analytics

🇺🇸

Learn more

SendGrid

🇺🇸

Yes (opt-in: form email notifications)

Learn more

OpenAI

Abuse detection

🇺🇸

Learn more

Canny

Customer feedback management

🇺🇸

Learn more

Plausible

Privacy-friendly analytics

🇩🇪

Learn more

Looking for a way to make GDPR compliant forms? There’s several things to consider when collecting personal information with your forms. Check out this guide to make sure your forms are GDPR compliant.