GDPR compliancy
tools in CANDDi

How CANDDi can help you and your business with GDPR

What is GDPR?

The General Data Protection Regulation (GDPR) is a set of laws that aims to provide increased protection of EU citizens’ personal data.

GDPR applies to all organizations that handle, control, or process the data of EU citizens (such as CANDDi), regardless of where in the world those organizations are based.

Under the GDPR, EU citizens possess rights related to the following: data breach, right to access data, right to be forgotten, data portability, privacy by design, and more.

How does it work?

I bet you’re wondering how CANDDi tracking gets around this, since all we do is access people’s data, but there’s no blurred lines here.

GDPR speaks to personal data related to individuals, not businesses visiting your site. So since CANDDi tracks business-related data in the form of your B2B website visitors, you can rest assured you’re not pulling the wool over anyone’s eyes.

Similarly, GDPR compliance encompasses two distinct roles: data controllers and data processors.

As defined by GDPR guidelines, a data processor is an entity (person, public authority, agency, or other body) which processes personal data on behalf of the data controller.

You (the client) are a data controller, whilst CANDDi is a data processor.

Data controllers should use data processors that can effectively demonstrate their compliance with the GDPR.

Our commitment to GDPR

CANDDi takes data protection and security seriously for all of our clients, and we’re committed to being compliant with all GDPR regulations.

Our team works to ensure that we address GDPR from a product, legal, and process standpoint.

This commitment doesn’t stop at the way we collect data either. CANDDi also contains a number of tools to ensure you handle the data in full compliance with regulation too.


If you’re a CANDDi client and you have any questions or concerns about the information on this page, please reach out to our client support team and we’ll be happy to assist.

GDPR and Brexit

Now the UK has officially left the European Union, you might be wondering what this means for GDPR and your data protection.

You can rest assured that whilst there’s been some technical, legal changes, there’s nothing to worry about. The UK's DPA 2018 has already combined the EU GDPR’s requirements into UK law.

This means that from 1 January 2021, the DPPEC (Data Protectionc, Privacy and Electronic Communication) Regulations have merged the old GDPR requirements to form a new, UK specific data protection regime.

his new regime is known as ‘the UK GDPR’ and will work exactly as you know it.



Please note: The information on this page is provided for informational purposes only and does not constitute legal analysis and/or advice. Please consult with legal counsel to understand all legal implications of the GDPR and how they relate to your business practices.