PalletVision is GDPR compliant and designed with privacy-by-design principles from the ground up.
Our GDPR Commitments
- Data Processing Agreements (DPA) — we execute DPAs with all customers who require them, clearly defining data processing purposes, retention, and sub-processor usage
- Lawful basis — we process data under legitimate interest (production metrics) and contractual necessity
- Data minimization — we collect only the production metrics needed to deliver our service; raw video is never stored in the cloud
- Right to erasure — customers can request deletion of their production data at any time
- Data portability — production data can be exported in standard formats (CSV, JSON) at any time
Data Residency
- Edge processing happens on your premises — video data never crosses borders
- Cloud-stored production metrics are hosted in data centers within the region specified in your contract
- Sub-processors are documented and available in our Data Processing Addendum
Privacy by Design
PalletVision's edge-first architecture is inherently privacy-friendly:
- No personally identifiable information (PII) is captured — our AI models detect pallets and boards, not people
- No facial recognition — our models are trained exclusively on pallet production objects
- No audio capture — edge devices process video only
- Camera feeds are processed in real time and discarded — no video storage unless explicitly configured for review clips
Sub-Processors
A current list of sub-processors is maintained in our Data Processing Addendum and updated whenever changes occur. Customers are notified in advance of any new sub-processor additions.
Documentation
Our GDPR compliance documentation is available upon request. You can also download our compliance summary below.