GDPR (General Data Protection Regulation) Compliance

General Data Protection Regulation, also known as GDPR is coming into effect on 25th of May, 2018. You can find the full copy of the regulation hereWe are committed to being fully GDPR compliant as a data processor. We already offer features which allow for controlling what data you want to retain in your NomNom account:

  • Our Rules feature allows for setting a custom retention policy of feedback imported into your NomNom account
  • Our API allows for programmatic erasure of your customer’s information
  • Our data exports ensure data portability by using machine-readable formats
  • If you choose to cancel your NomNom subscription your data is completely deleted within 24 hours from the moment your account is closed

If you require a Data Processing Agreement, please contact us via


Data sub-processors

Here’s a list of 3rd party entities with whom we share some of your details, as a NomNom customer:

  • Your Name
  • Email address
  • IP address and location
  • Billing details are given when subscribing to the paid service (postcode and billing address)
3rd Party Service Purpose Website Data Location
Intercom Customer support and communication USA
Amazon Web Services File storage and cloud computing EU, USA
Google Cloud Platform Cloud computing, data storage, and machine learning/natural language processing USA
FullStory Customer support USA
Stripe Payment Processing USA
Sendgrid Transactional Emails, accepting emails sent to NomNom application USA
Mixpanel Product Analytics USA
Amplitude Product Analytics USA
Google Analytics Product Analytics USA, EU
AdRoll Advertising  – retargeting and conversion tracking USA