Hi,
I work with European clients and need to store their ID card numbers for legal verification purposes. Before we consider using Noloco for this, I need clarification on a few points regarding data protection and GDPR compliance:
-
Is it GDPR-compliant to store personal identification numbers (ID card numbers) in Noloco?
-
Where exactly are the data servers located (EU or outside the EU)?
-
Do you offer a Data Processing Agreement (DPA)?
-
What security controls are in place for sensitive personal data (encryption at rest/in transit, access logs, role-based permissions, audit trail, etc.)?
-
Are there any recommended settings or limitations when storing this type of sensitive data?
Thanks in advance — this is a key compliance point for us.