Skip to main content

Is Harmony GDPR Compliant?

Harmony is fully compliant with the General Data Protection Regulation (GDPR). We provide the tools and agreements necessary for you to process data for EU residents legally.

Is Harmony GDPR compliant?

Yes. We support all major GDPR requirements, including:

  • Data Processing Agreement (DPA): Available for all customers.
  • Standard Contractual Clauses (SCCs): Included for data transfers.
  • Data Subject Rights: Tools to export, rectify, or delete data.
  • EU Data Residency: Option to store data exclusively in EU data centers (Enterprise).

Your role vs. Harmony's role

Under the GDPR, there are two key roles with distinct responsibilities: the Controller and the Processor.

As the Controller, you (the customer) determine the purposes and means of processing personal data. This means you decide why and how recordings are made, are responsible for obtaining the necessary consent from participants, and for responding to any requests from individuals regarding their personal data—such as requests to access, rectify, or delete information.

Harmony acts as the Processor. Our role is to process data solely based on your instructions. We are responsible for implementing robust measures to secure your data and the supporting infrastructure. Additionally, Harmony has a duty to report any personal data breaches within the required timelines and to assist you in fulfilling your GDPR obligations.

This clear division of responsibilities ensures transparency and compliance throughout all stages of data handling with Harmony.

Handling data subject requests

Under GDPR, individuals have the right to access, correct, or delete their personal data.

Right to Erasure (Deletion) You can delete any meeting recording and transcript directly from your dashboard. This permanently removes the data from our systems within 30 days.

Right to Access (Portability) You can export full transcripts and summaries in standard formats (PDF, JSON) to fulfill subject access requests.

Right to Rectification If a transcript contains errors, you can edit the text directly in the Harmony interface to ensure accuracy.

Data Processing Agreement (DPA)

We offer a pre-signed DPA that governs our processing of your data.

  • Request a DPA: Email [email protected] with your company details.
  • Sub-processors: Our DPA includes a transparent list of all third-party vendors we use (e.g., cloud hosting, AI models).

Data residency

For Enterprise customers with strict residency requirements, we can configure your workspace to store and process data exclusively within the European Union. Contact [email protected] to enable this setting.