Our GDPR compliance

A new standard of data protection called GDPR has taken effect across the EU (as of May 25, 2018). It places several new obligations on companies handling or tracking personal data.


We have fulfilled our obligations in preparing for this new law. This page is our hub for GDPR at Marvel, containing the latest news, plans and resources for ourselves and our customers.

What is GDPR?

GDPR stands for General Data Protection Regulation and is a new comprehensive data protection law in the EU that replaces existing laws to strengthen the protection of personal data and the rights of the individual. It is a single set of rules, directly enforceable in each EU member state.

How we prepared for GDPR at Marvel

We're committed to meeting our legal obligation and helping our customers become compliant. We've made some key policy, product and term updates, including:

  • Our internal security and NOC team evaluated our internal data processing procedures meaning all of our customer's personal data is in good hands.
  • We made product changes that allow our users to manage their data in a private, safe and secure way.
  • Marvel is an EU based company. This means all of our EU customer data is stored within our servers in the EU and are not transferred outside of the EU without our customer's consent.
  • All of our internal teams have undergone training and go through regular auditing to ensure that we are complying and handling all of our customer data within the requirements of GDPR

Security and Privacy at Marvel

At Marvel we task the security and privacy of our customers information very seriously. Our customers and partners expect no less from our service and we continuously invest in it.

Our data centre providers maintain multiple certifications, including with SOC 1, SOC 2, SOC 3 and ISO27001. In addition, all data is encrypted both in transit and at rest using strong encryption.

We are constantly monitoring and improving Marvel to create a robust security framework that allows us to meet the growing needs of the industry.

If you would like to learn more information about security at Marvel, head to our security page or contact the team here

Requesting to be Forgotten

If you would like Marvel to delete all your personal data including your Marvel account, please get in touch here, and use the subject line 'GDPR Request to be Forgotten'.

Our team is here to help

We're excited to work together with our customers and partners in further strengthening data privacy with GDPR. Our London-based team is here to help with any security, privacy and data questions you have. Get in touch.

Read more about GDPR here.

Was this article helpful?
2 out of 4 found this helpful