The private testing has started!

Pages GDPR privacy policy

The General Data Protection Regulation (GDPR) is legislation that aims to give the residents of the EU and EEA more control over their data.

Introduction to EU GDPR

The EU General Data Protection Regulation GDPR came into effect on May 25, 2018. GDPR does not only apply to EU organisations within the European Union (EU) and the European Economic Area (EEA). It also applies to companies worldwide, as long as they provide goods or services to individuals or monitor their users' behaviour within the EU and EEA. It means any organisation that processes the personal data of EU residents or citizens must comply with GDPR. Including the third-party services your organisation use, such as your email provider. Therefore, if your company communicates with EU customers via email, your email service provider, regardless of where its headquarters or servers are located, must comply with GDPR. That is why more and more companies choose not to use non-encrypted mail service providers such as Gmail and Yahoo. Instead, they increasingly favour encrypted email service providers, such as Liverado.

The central idea of ​GDPR is that personal data belongs to data subjects, not enterprises. It allows people (Data subjects) to better control who has access to their personal information and how it is used. To this end, data subjects can have certain rights. They have a right to know what information organisations store about them. They can also request enterprises delete that information. GDPR also introduced a requirement called "data portability", which gives people the right to access data in a standard format. GDPR requires organisations that process personal data (Data controllers) to establish procedures to respect these rights.

GDPR has established strict new rules for protecting personal data and imposes severe penalties on violations. Data controllers have also assumed new responsibilities for stricter data protection. Data leakage shouldn't damage users' online security and privacy. GDPR forces data controllers to use additional security measures, such as encryption, to make data safe in a data breach event.

Suppose you fail to protect users and their data adequately. In that case, a fine can be up to 20 million euros or 4% of your global annual income, whichever is higher. When determining the severity of penalties, the authorities will consider what steps a data controller has taken. For example, whether the data controller has already used encryption to mitigate the damage to the data subject in a data breach event.

It is important to work with a trusted and security-focused service provider to limit your liability under GDPR. In this regard, Liverado can help you protect your organisation and clients. Encrypted email helps reduce the risk of fines or catastrophic data leakage. On the one hand, you can dramatically mitigate your company risk by using our service. On the other hand, your clients may appreciate that you took appropriate measures to protect their data.

These GDPR documents are worth reading together with your lawyer to understand the many ways GDPR may affect your business.

Encryption is recommended in GDPR. It is a crucial data protection component of GDPR. It is referred to as an example of "appropriate measures" to protect the security of personal data. It ensures the "design data protection" covered by Article 25. Encryption reduces your liability in the event of a data breach under Article 34. The rules indeed will help companies improve their data security.

How do we ensure compliance

Liverado secure email makes email security easy with automatic encryption and an easy-to-use interface. The encryption we use at Liverado meets GDPR requirements while giving you complete control over your data. We have implemented end-to-end encryption that protects your organisation's internal email communications (It also applies when your contacts' email providers support PGP/Inline, PGP/MIME, or S/MIME). And zero-access encryption that protects all your external email communications. Unlike other email services, neither we nor anyone else can see the content of your email, even if our server is compromised.

End-to-end encryption

Since emails are protected by end-to-end encryption, your Liverado inbox complies with GDPR data protection design standards.

Zero-access encryption

Due to zero-access encryption, Liverado cannot access the email content on our servers. That can limit your vulnerability and liability in the event of a data breach.

GDPR Data Processing Agreement

Data Processing Agreement(DPA) constitutes part of the Contract for Services under Terms of Service. The agreement details the specific rights and obligations of the parties and meets the requirements of GDPR compliance.

More and more companies and individuals have adopted encrypted email to defend against cyber attacks and protect sensitive information. Using Liverado is as easy as any non-encrypted email service because all encryption is done automatically behind the scenes. If you have other questions about GDPR compliance and email security, please get in touch with us at

7 Key principles of the EU GDPR

Ready to join Liverado? Start your free 14-day trial today.