Jumio is not only fully GDPR compliant as a data processor, with a robust and transparent program for maintaining all standards laid out in GDPR, but also our identity verification solution is a key GDPR enabler, offering customers the ability to maintain data protection and contribute to their compliance with GDPR requirements.
GDPR categorizes data holders into two groups: processors and controllers.
There are additional required measures, processes and documentation requirements for controllers. Jumio is considered a data processor.
Moreover, Jumio is also PCI-DSS compliant. This means that we’ve adopted a strict set of security standards designed to ensure that identity and PII-related information are encrypted, stored and maintained in a secure and vetted environment.
Statement of Compliance
Jumio uses the European data privacy directives as the baseline for its data privacy compliance globally. Effective February 1, 2018 all necessary steps to achieve GDPR compliance have been completed. Jumio’s data privacy compliance program is applicable to all categories of personal data, including biometric data.