The General Data Protection Regulation (GDPR). What is it?

If you’re wondering what GDPR is (and who it applies to), you’re not alone. This page is designed to help you understand exactly how it will affect you. As you read, you’ll find all of the resources you need to understand GDPR. Let’s start with a definition.


General Data Protection Regulation: A European regulation taking effect May 25, 2018, affecting the protection of data by “controllers,” those who determine the means and purposes of data processing and “processors,” those who handle data on behalf of controllers.


Many of SalesLoft’s customers will fall into the “controller” category as they are collecting and using personal data about their prospects. And since SalesLoft falls under the “processor” category, we are required by the GDPR to treat our customers’ data as if it were our own.

Want to hear it broken down even more? Just click below to hear our VP of Information Security outline the regulation in more detail.


But let’s cut to the chase – what is SalesLoft doing to align with the GDPR?

Data Processing Addendum

Our Data Processing Addendum (DPA) outlines the steps we are taking towards GDPR compliance, as well as the protections we provide to our customers.

Readiness Report

We’ve completed an independent third-party readiness assessment of our privacy controls that evidences that all controls are in place to address the articles of the GDPR. Speak to a rep to find out more.

What else do I need to know?

We know the whole regulation is intricate, but don’t worry. Take a look at the resources below for more details about the GDPR.

GDPR Overview

All the details of the GDPR, on one deliciously detailed page.

What the heck is GDPR? A Blog Series

Hear more specifics about the GDPR directly from SalesLoft's VP of Information Security.

GDPR as a SalesLoft User

Using SalesLoft? Learn how to best apply the new regulation to your sales process.

Fines for noncompliance with GDPR may be imposed up to the greater of

€20 MM or 4% of global revenue.

GDPR is the single most important piece of privacy legislation in the past 20 years. The regulation will be a catalyst for the adoption of selling tactics focused on authenticity and value in Europe and beyond.

What else is SalesLoft doing on the data protection front?

Data security and privacy are top priorities for SalesLoft. To demonstrate our dedication to security and privacy, we have obtained ISO 27001 certification and a SOC 2 Type 2 report for our platform, and we are currently in compliance with the EU/US Privacy Shield framework. More information on our current security practices can be found on our Security and Compliance page.

Our privacy team has analyzed the requirements of the GDPR and has ensured our policies, procedures, contracts and platform features align with the GDPR.

We have also undergone a full readiness assessment from an independent third party of our privacy controls against the articles of GDPR. The report for this assessment is available under NDA.

We have appointed a data protection officer (DPO) who is one of about 10,000 individuals worldwide who holds the Certified Information Privacy Professional for Europe (CIPP/E) certification.

Questions? Comments?

If you or anyone in your organization has questions about the GDPR, or any of SalesLoft’s security and privacy practices, please do not hesitate to contact our security team by clicking below.