Deel Legal Hub
The information provided here is for Deel customers and users who have legal questions about our products, terms, policies, and compliance.
DPA FAQs
FAQs
Is Deel GDPR compliant?
Yes, Deel is GDPR compliant.
As an HR and global payroll platform for remote teams, Deel has many Clients and Users subject to the GDPR which means that its applicable requirements apply equally to Deel. To find out more about how Deel complies with the GDPR and other privacy requirements, see our Privacy Policy.
Does Deel have a DPO?
Yes! Deel has a Data Protection Officer and a dedicated Privacy Compliance team to manage all data protection and privacy considerations. Our DPO advises and monitors compliance with the GDPR. You may contact our DPO at dpo@deel.com
I want to make a data subject request to Deel, who can I contact?
If you wish to exercise your rights as a data subject, such as the right of data access or data deletion, you can contact our Privacy Team directly at dpo@deel.com
Does Deel keep a Record of Processing Activity (ROPA)?
Yes. Deel has a ROPA that covers all data processing activities at Deel. The ROPA is updated regularly.
For customers where we act as a Processor, you request a copy of our ROPA at dpo@deel.com
Does Deel transfer personal data to countries outside of the EU/EEA?
Yes. Deel relies on the EU-approved Standard Contractual Clauses (SCCs) for EU outbound data transfers when there is an absence of an adequacy decision.
SCCs are included in the DPA in the section ‘Cross-border data transfers’. See our Data Processing Addendums page for more details.
Does Deel have safeguards for sharing personal data with the US?
Yes. Deel is self-certified under the EU-US Data Privacy Framework. As a protective measure, we also rely on Standard Contractual Clauses (SCCs) for EU outbound data transfers.
Deel also has a Transfer Impact Assessment (TIA) setting out the potential risks associated with the transfer.
Where does Deel store personal data?
As the servers of the Deel Platform are located in Ireland, Deel stores the personal data of Clients and Users predominantly within the EU. Deel's marketing data is located in the USA.
Deel engages with Sub-Processors to process personal data in the USA but stores personal data on servers located in the EU.
Where can I find a list of Deel's sub-processors?
Deel's list of sub-processors is available on the Deel platform here.
Log in to your Client account to access the sub-processor list.
Is Deel SOC 2 compliant?
Yes, Deel is SOC 2 compliant. Our SOC2 certification is updated annually. Information on Deel's SOC2 certification can be found on the Deel Trust Center.
