EU General Data Protection Regulation

Modulais (a brand of Creadus Oy, based in Jyväskylä, Finland) is committed to designing and delivering AI automation solutions that comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) and relevant local data protection laws.

As a solution provider and data processor, we embed data protection and privacy by design into the systems we deploy for our clients.

1. Our Role Under GDPR

Modulais typically acts as a data processor, delivering automation and AI systems that operate on behalf of the client (the data controller). We process data strictly within the scope defined by the client and never use it for our own purposes.

If we engage sub-processors (e.g., hosting or cloud platforms), we ensure they meet equivalent GDPR standards through binding contractual agreements.

2. Data Hosting and Residency

We support flexible deployment options based on your compliance needs:

EU/National Hosting: Solutions can be designed to store and process data exclusively within the European Union or specific national jurisdictions upon request.
Cloud-Based Options: We support GDPR-compliant cloud platforms (e.g., Google Cloud, Microsoft Azure, AWS) where preferred, with secure architecture and standard contractual clauses (SCCs) as needed. 

3. Compliance by Design

All Modulais systems are designed according to GDPR principles, including:

Lawful, fair, and transparent processing
Purpose limitation and data minimization
Integrity, confidentiality, and accountability
We follow privacy-by-design and privacy-by-default practices and assist clients with documentation, security assessments, and compliance integration as part of solution delivery.

4. Security Measures

We implement strict technical and organizational controls to protect data processed via our systems:

Encrypted data transmission and secure APIs
Role-based access control and audit logs
System hardening and breach monitoring procedures
Our team members are trained in GDPR and bound by confidentiality.

5. Client Assistance & DPA Availability

We support our clients in:

Fulfilling data subject rights (access, rectification, erasure, etc.)
Responding to regulatory inquiries or audits
Providing Data Processing Agreements (DPAs) upon request, covering processing scope, retention, deletion, and sub-processor details. 

6. Questions or Requests

To request a Data Processing Agreement, compliance documentation, or security details, please contact our data protection team:

[email protected]

Modulais builds intelligent automation systems that scale business processes without compromising security or compliance. We help you scale smarter—safely and legally.