Mode's GDPR Readiness

Last Modified: May 21, 2018

We are committed to protecting you and your data

Mode is committed to meeting the requirements of the General Data Protection Regulation ('GDPR'). The GDPR is a landmark EU data privacy law, effective May 2018, which affects both European and non-European businesses. The GDPR expands user data privacy rights and standards for any organization that handles EU citizens' personal data, regardless of its location.

In addition to GDPR preparedness, Mode is also certified under the EU-US Privacy Shield Framework.

Mode's security infrastructure

It is our utmost priority to keep our customers' sensitive data and information safe. Mode adheres to industry-leading standards to manage our network, secure our application, and set policies across our organization. Mode security documentation, as well as reports from third-party auditors, are available upon request.

For more information on our policies, please visit our Security page.

Mode's data processing addendum ('DPA')

Mode's DPA is available to all organizations using Mode. The DPA certifies that Mode will process all personal data in accordance with the GDPR requirements. Mode admins can sign and adopt Mode's DPA electronically. To access the DPA, log in to Mode, navigate to the home page, and click on your name in the upper left corner to open the account dropdown. Click Organization Settings, then select Privacy & Security.

Mode subprocessors

Mode engages certain third-party data processors ('subprocessors') to assist in providing the Mode Service. Existing Mode subprocessors and the functions they provide are listed below.

Name Function Location
Amazon Web Services Data storage and processing AWS servers located in the United States only
Fastly Content delivery network ('CDN') Content delivered via servers geographically closest to the end-user. See network here
Google Cloud platform Data storage and processing BigQuery servers located in the United States only
Intercom Customer support platform Intercom customer data is stored in the United States only
Segment Log and route application event data Segment servers located in the United States only

For all subscribers who have executed Mode's DPA, Mode will provide advance notice of any proposed updates to the list of subprocessors used. We update this list regularly so that you are informed of the scope of subprocessing associated with the Mode Service.

Stay in the loop

This page will be revised over time to reflect any GDPR-related updates. If you have questions, please reach out to us at

Additional resources