GDPR Compliance & Privacy

Protecting the personal data of our customers and employees continues to be a priority. In 2016, the European Union approved a new data privacy law called the General Data Protection Regulation (GDPR), which applies to all organizations that collect the personal data of EU citizens.

GDPR web image

How has EBSCO prepared?

Our ongoing compliance effort builds on our existing investments in privacy, security and operational processes necessary to meet the requirements of GDPR and other applicable regulations. As a data processor, EBSCO understands its obligation to help its customers comply with GDPR.

View our privacy policy

View our list of sub-processors

How We Provide Customer Assurance

  • Personal data practices

    We have done a thorough review of the personal data collection practices for all our applications and documented the various sources of data. Automated measures have been implemented that meet GDPR compliance.

  • Providing visibility and transparency

    Our role is to provide our customers and their end users with the access to effectively manage and protect their personal data. We’ve developed automated measures that provide transparency to our customers.

  • Enhancing data integrity and security

    We maintain technical and organizational security practices and measures to protect the confidentiality, security, availability and integrity of our customer data.

  • Portability and transferability of data

    Every end user should have the ability to receive, erase or transfer all of their personal data. With that in mind, we have implemented new features and are continuing to work on product enhancements that optimize these capabilities.

  • Data processing agreements

    We have used strong data processing agreements in the past, and revisions have been made so these and future agreements meet the GDPR requirements.


Learn more about EBSCO GDPR compliance.

Learn more about EIS Information Security Policy and Practices.