White Label CRM.com by AllClients

Legal

GDPR Compliance

Last updated: June 16, 2026

AllClients, LLC ("AllClients") provides the white label CRM platform behind WhiteLabelCRM.com and is committed to supporting our partners' compliance with the EU General Data Protection Regulation (GDPR).

What Is GDPR?

The GDPR is European Union legislation, effective May 25, 2018, that governs how the personal data of individuals in the European Economic Area (EEA) is collected, used, and protected. It replaced a patchwork of national rules with a single framework and applies to organizations outside the EU that process the personal data of people in the EEA.

Key Principles

The GDPR is built on these principles, which we design our processing around:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability

Controller and Processor

Under the GDPR, our partners act as the Data Controller for the customer and contact data they manage, and AllClients acts as the Data Processor, processing that data on the partner's documented instructions. Platform data is hosted on managed infrastructure that may be located outside the EEA; we rely on appropriate safeguards for international transfers (see below).

Data Processing Addendum

Our Data Processing Addendum (DPA), included with the AllClients Terms of Service at allclients.com/tos-dpa, sets out the roles, security obligations, sub-processor terms, and data-deletion commitments that apply to processing on your behalf. A current list of sub-processors is maintained at allclients.com/gdpr-subprocessors.

International Data Transfers

AllClients is based in the United States. Where personal data is transferred out of the EEA, UK, or Switzerland, we rely on recognized transfer mechanisms — such as the EU Standard Contractual Clauses and applicable Data Privacy Framework certifications — to provide the required level of protection.

Your Rights

Individuals in the EEA, UK, and Switzerland have the right to:

  • Access the personal data held about them
  • Rectify inaccurate data
  • Erase data (the "right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent
  • Lodge a complaint with a supervisory authority

Because AllClients is typically the processor, requests about a partner's customer data are generally directed to that partner as the controller. See our Privacy Policy for more on how we handle personal information.

Contact Us

For GDPR or data-protection questions, contact [email protected]. Unresolved EEA, UK, or Swiss complaints may be escalated to BBB National Programs' dispute-resolution service.

This page is general information, not legal advice. If you are unsure whether the GDPR applies to your business, consult your own legal counsel.