Skip to main content
Skip table of contents

GDPR Compliance Policy


At Thru, we are committed to protecting the privacy and security of personal data in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.


GDPR Compliance

Data Processing

As a service provider, we act as a data processor for our clients, who are the data controllers. We process personal data strictly in accordance with our clients' instructions and the provisions of our Data Processing Agreements (DPAs).

Data Protection Principles

We adhere to the following GDPR principles when processing personal data:

  1. Lawfulness, fairness, and transparency

  2. Purpose limitation

  3. Data minimization

  4. Accuracy

  5. Storage limitation

  6. Integrity and confidentiality

  7. Accountability

Data Subject Rights

We support our clients in fulfilling their obligations regarding data subject rights, such as the right to access, rectify, erase, restrict processing, object to processing, and data portability.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest

  • Access controls and authentication mechanisms

  • Regular security testing and audits

  • Incident response and breach notification procedures

Training and Awareness

All our employees receive regular GDPR training to ensure awareness and compliance with data protection practices.

Compliance Monitoring

We regularly monitor and review our GDPR compliance through internal audits and assessments.


For any GDPR-related inquiries or concerns, please contact our Data Protection Officer at

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.