GDPR compliance?

This might be a silly question but to me this topic is a bit of a blackbox. When using NEON as a database, obviously PII data of users will be stored in it. So I am wondering if it is considered as a 3rd party and if there is a consent requirement? If it is enough to list it in the terms and conditions or if there is the need to provide an opt-out :thinking:

After reading this A Rough Guide to Running a GDPR Compliant SaaS Business I believe it is valid to say that sharing PII with NEON DB is considered essential and can be allowed in the terms and conditions without possibility for explicit opt-out as long as we provide a way to the user to delete their PII. Is that correct?

1 Like