GDPR Compliance at Abacus

What is GDPR?

The General Data Protection Regulation is a wide-ranging law designed to protect the privacy of individuals in the European Union (EU) and give them control over how their personal data is collected, processed, and used.  The law applies to any company that collects or processes the data of European consumers.

For more details see our GDPR Blog Post

How is Abacus' Role Defined under GDPR?

To deliver our services, Abacus acts as a data processor with each of our customers acting as the data controller. Abacus receives personal data from our customers in the context of providing expense reimbursements and corporate card management.  

How Abacus Supports GDPR Compliance

In early 2018, Abacus undertook an extensive initiative with a third-party expert to ensure our compliance with GDPR.  Abacus has and will continue to implement and maintain appropriate technical and organizational measures designed to protect and secure customer data including personal data under the guidance of GDPR.  

We’re committed to the compliance of all parties including you, third-parties, and us.  If you have any questions regarding our security practices please reach out to or review our Abacus Security page

Action Items: What You Need to Do Next

  1. Please review our Terms of Service
  2. Please review our revised Privacy Policy
  3. Please review our Cookie Policy
  4. If your organization is subject to GDPR, please review our DPA and, if applicable, countersign and send an executed copy to 
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us