Steadfast places a high value on security and the compliance needs of our customers. This is why even though we do not operate or process data in the EU, we have chosen to voluntarily comply with the GDPR standards. To assure compliance with the EU requirements for adequate security and privacy standards, we comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce. Our continued participation in this program can be confirmed at (https://www.privacyshield.gov/) with the details available in our Privacy Policy (https://www.steadfast.net/legal-information#privacy_policy). Additionally, we complete an annual 3rd party audit of our security policies and procedures as a part of our SSAE18 and SOC 2 audits. These are extensive audits that don't just look at our actual policies, but verify through records and documentation over a 6 month period that those practices and policies are being followed. In meeting these standards, we are confident that Steadfast provides an environment in which you can be completely compliant with GDPR. If you have any other specific concerns or questions regarding GDPR compliance, just ask and we'll be happy to help.