We’re based in Colombo, Sri Lanka – but we’re clued up on what GDPR means for our European clients and have taken necessary steps to be compliant. Here’s a summary of our plan for compliance:

  1. Staff training
    Every member of our team has completed GDPR training which we refresh every 6 months. You can contact our Data Protection Officer for any queries at dpo@dxdy.tech
  2. Contracts
    We’re updating all our client contracts to include GDPR clauses including annexed model clauses released by the EU to help companies based outside of the EU continue to operate.
  3. Physical security
    Data stored on remote servers is always with global brands with compliance procedures as well as physical and digital security measures.
  4. Downstream contracts
    We only work with GDPR compliant providers for hosting and other technology services. That means they are either EU based, are part of the US Privacy Shield initiative or we a contract in place which includes EU model clauses for GDPR compliance.



Powerful technology solutions done simply, from DxDy.

Interested in speaking about a potential project, drop us a message and we will get in touch!