Userbase GDPR compliance

The EU General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Userbase is ready.

Does GDPR affect me?

If you’re based in the EU or have users from the EU, then GDPR applies to you. By storing certain personally identifiable data in Userbase, such as usernames and email addresses, you become a Controller of personal data under GDPR, so you need to enter into GDPR-compliant data processing agreements with any online services and third party vendors you rely on, including Userbase. These agreements are commonly called a Data Processing Addendum, or DPA.

Data Processing Addendum

You will soon be able to sign the Userbase DPA online. In the meantime, please send us an email at and we will provide you with our DPA.


Userbase uses third party subprocessors, such as cloud computing providers and payment processors, to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, and require the same of them. List of Userbase subprocessors.