The EU's General Data Protection Regulation (GDPR) provides customers with control over their personal information that businesses store and handle, without trade-offs.

Chargebee as a Data Controller

To fulfil legal obligations under GDPR, as a data controller, we have performed the below steps:

  • Data Categorization and Analysis, to track the flow of personal data through our systems.

  • Data Retention - By establishing an automated data retention mechanism, we clear the customer’s Personally Identifiable Information (PII), and all end-user data from our databases, within a period of 120 days.

  • Consent Mechanism - we collect consent from our customers wherever it’s applicable, and also provide an easy way to withdraw it.

Chargebee as a Data Processor

To aid the Chargebee users to be GDPR compliant, we provide 

  • Consent Management: This feature allows you to obtain and revoke explicit consent from your customers and manage it within Chargebee. More on this here.

  • Personal Data Management: Chargebee gives you full control over how personal data of your customers is retained on our systems or erased from it. More on this here.