Data Privacy and GDPR

GDPR Resources

You are here


Here at Amber Road, we know of nothing more important to our clients than the privacy and protection of their data, especially in light of the new EU General Data Protection Regulation (GDPR). Below is information you may find helpful to understand Amber Road’s commitment to privacy and the steps we have taken (and continue to take) in order to comply with ever-changing data privacy laws, including the GDPR's new strict standards, all as part of our ongoing commitment to protect data privacy.

Hand in hand with data privacy is data security. As a leading SaaS provider for over 20 years, we understand that cloud-based solutions raise questions and concerns, particularly when data breaches seem to dominate the news. We've done a lot during that time to incorporate rigorous client data and network security practices as a part of our core service. While there’s no bulletproof solution to data protection, we do everything we can to continually review and improve our security practices and procedures to minimize risks. We invite you to review our Network Security White Paper, and if you are an existing client, we are happy to provide to you a copy of our Security, Availability, Processing Integrity, Confidentiality and Privacy audit report (AT101 SOC 2 Type II) conducted by independent third-party auditors.


Data Privacy and GDPR FAQs

Get answers to all of your questions about how Amber Road manages Data Privacy and GDPR compliance.



Client Data and Network Security White Paper

Key things to know about how Amber Road's Network Security protects your data and privacy.



Privacy Shield Certifications

View our EU-US and Swiss-US certifications


For information relating to the Privacy Shield Framework: CLICK HERE >>

For information on Amber Road’s Privacy Shield Policy: CLICK HERE >>

For information on Amber Road’s Privacy Shield Certification: CLICK HERE >>

Amber Road Privacy Policy

Updated regularly to address changes in data protection laws and practices



Client GDPR Data Processing Addendum

Clients can enter into a GDPR compliance data processing addendum to cover EU persona data processed by Amber Road