SoundingBox will end operations on August 1, 2021. Read the announcement. [x]

# GDPR Notice

SoundingBox has taken steps to ensure that it is compliant with the General Data Protection Regulation (EU) 2016/679 (GDPR) with regard to your Personal Data.

In compliance with the GDPR we have appointed a Data Protection Officer (DPO) who is responsible for privacy and data protection concerns related to SoundingBox. The DPO can be reached by emailing

# GDPR Compliant Privacy

Our general Privacy Policy and Participant Privacy Policy have been updated to address all GDPR matters.

Should the GDPR apply to you, you have certain rights regarding your Personal Data.

# Right to Informed

You have the right to be informed about what we are doing with your Personal Data. We do this in our Participant Privacy Policy and general Privacy Policy.

# Right to Access and Portability

If the GDPR applies to you, you have the right to request a copy of the Personal Data we hold about you.

# Right to Rectification

You have the right to correct any Personal Data we have about you if it is incomplete or inaccurate.

# Right to Restrict Processing and Erasure

You have the right to limit or suspend any processing by us of your Personal Data. You have the right to have us permanently erase the personal data we have about you unless it necessary for us to comply with a legal obligation under the GDPR.

# Right to Data Portability and Access

You have the right ask us for a copy of your Personal Data.

# Right to Object

You have the right to object to any use of your Personal Data and restrict or suspend the processing of your Personal Data.

If you are located in the European Economic Area (EEA) and wish to exercise any of these rights please contact with your request.

We will provide your Personal Data to you free of charge unless your request is clearly unfounded, repetitive or excessive. We may refuse to comply with your request under those circumstances.

We may need to request Personal Data from you in order to confirm your identity to honor your request.

# Information Security

The security of your Personal Data is important to us. We comply with the security requirements of the GDPR that regulate then processing of Personal Data. The security measures include the following:

  • Continuous monitoring of infrastructure and applications
  • Regular security testing
  • Data encryption at rest and in transit
  • Drafting of and compliance with an Information Security Policy (ISP)
  • Drafting of and compliance with a Business Continuity Plan (BCP)

Copies of our ISP and BCP may be obtained by emailing

Our cloud provider Microsoft Azure maintains multiple security and compliance certifications. More information can be found here.

If you have any questions, comments or concerns about this GDPR notice please be in touch by emailing