1. Home
  2. Frequently Asked Questions
  3. Common questions on OneSignal and GDPR compliance

Common questions on OneSignal and GDPR compliance

Does a OneSignal paid plan ($99/month) automatically opt out a customer of data collection in the app – data sharing with third parties?

Yes, OneSignal’s paid plans do not share any data with 3rd parties.

If we use a free plan from OneSignal does that mean that an EU company would not be compliant with GDPR?

Generally there are 2 options in working with OneSignal:

  1. Stay on the free plan and ask users to opt-in to share their data with services you use (including OneSignal).
  2. Upgrade your OneSignal Plan

The first option keeps OneSignal free, but puts the burden on you to make sure users opt-in. The second option shifts the onus to OneSignal. For additional guidance on any specific GDPR responsibilities, we recommend working with your legal counsel.

OneSignal’s paid plans do provide a DPA and model clauses which help provide the necessary legal framework for the data processing on your behalf and for EU-US data transfer. They work with many enterprise businesses in the EU/UK and this has not been an issue as long as the DPA is in place.

Updated on February 19, 2019

Related Articles