Skip to content

Data Privacy and GDPR

1. Does Crossbeam have a GDPR-compliant DPA?

Yes, Crossbeam’s DPA can be accessed here.

2. Please provide a listing of Crossbeam's Sub-Processors

An up-to-date listing of Crossbeam’s sub-processors can be accessed here.

3. Does Crossbeam have an Incident Response Plan in place? How often is it reviewed and tested?

Yes, Crossbeam has an Incident Response Plan in place, which is reviewed and tested quarterly.

4. Has Crossbeam experienced a security breach involving customer data?

No.

5. Does Crossbeam update privacy and security policies, procedures, and training as part of its regular business operations?

Security policies, privacy policies, disaster recovery plan, incident response plan, and any other pertinent documents related to privacy and security are reviewed, at minimum, on a quarterly basis by Crossbeam’s Security and Disaster Management Committee, consisting of our Chief Technology Officer, Chief Executive Officer, and Chief of Staff. Our outside counsel provides updates to these policies in accordance with new legislation and practices.

The Crossbeam team is required to review and acknowledge the Employee Handbook and Security Practices Handbook at least annually, or when there are material changes.