Compliance Center

Learn how we comply with GDPR, CCPA, FERPA and other security and privacy regulations.

The security program at Nextup protects our organization and your data at every layer

SOC 2 - Type II

Nextup has been audited annually according to the Trust Services Principles. A copy of our SOC-2 Type II report is available to customers upon request and prospective customers with an MNDA in place.

HIPAA Compliance

Nextup can be configured for HIPAA compliance, including electronically protected health information (e-PHI).

More on compliance at Nextup

Frequently Asked Questions

How do we help you comply with the GDPR?

We are committed to helping our customers and users understand, and where applicable, comply with the General Data Protection Regulation (GDPR). For more, please see our commitment page.

Does the GDPR require EU personal data to stay in the EU?

The GDPR does not require EU data to reside in the European Union. Nextup’s Data Processing Agreement, and the European Union’s Model Clauses, will continue to ensure compliance for EU personal data transfers outside of the EU.

How do we help you comply with the CCPA?

We’re committed to helping our customers and users understand and exercise their rights under the California Consumer Privacy Act (CCPA). On this page, we clarify Nextup’s role and obligations under the CCPA and provide additional information to help our customers meet their compliance needs.

Do you have a Data Processing Agreement?

Nextup offers Data Processing Addenda that supplement the Customer Terms of Service or any MSA.

Who are your Subprocessors?

This page provides important information about the identity, location and role of Nextup Subprocessors.

Can I request a copy of Nextup’s SOC 2?

Yes, you can make this request using our Privacy and Security Form

Do you have additional resources for Security questions?

We do! Please visit our Security page for more information.