Mode is committed to meeting the requirements of the General Data Protection Regulation ('GDPR'). The GDPR is a landmark EU data privacy law, effective May 2018, which affects both European and non-European businesses. The GDPR expands user data privacy rights and standards for any organization that handles EU citizens' personal data, regardless of its location.

In addition to GDPR preparedness, Mode is also certified under the EU-US Privacy Shield Framework.

It is our utmost priority to keep our customers' sensitive data and information safe. Mode adheres to industry-leading standards to manage our network, secure our application, and set policies across our organization. Mode security documentation, as well as reports from third-party auditors, are available upon request.

For more information on our policies, please visit our Security page.

Mode's DPA is available to all organizations using Mode. The DPA certifies that Mode will process all personal data in accordance with the applicable data protection laws, including GDPR requirements. The DPA can be found here.

Mode engages certain third-party data processors ('subprocessors') to assist in providing the Mode Service. Existing Mode subprocessors and the functions they provide are listed below.

For all subscribers who have executed Mode's DPA, Mode will provide advance notice of any proposed updates to the list of subprocessors used. We update this list regularly so that you are informed of the scope of subprocessing associated with the Mode Service.

This page will be revised over time to reflect any GDPR-related updates. If you have questions, please reach out to us at privacy@modeanalytics.com.