Skip to main content
New Message Replay technology — a safety net for your migration emails
Brad Slavin By Brad Slavin, CEO at DuoCircle · Updated April 2026

GDPR Compliance at Tenant Migration

We take the privacy of EU citizens seriously. Tenant Migration is designed from the ground up to comply with the General Data Protection Regulation, ensuring your organization's email data is protected with the highest standards of care during every migration.

Our Commitment

How Tenant Migration Protects EU Data

Built for GDPR from Day One

Tenant Migration is a pass-through email queuing service. We temporarily hold your emails during a tenant-to-tenant migration and deliver them to your new provider. We do not read, mine, profile, or analyze email content. Our role as a data processor is narrowly defined: queue, deliver, delete. This architecture inherently limits data exposure and aligns with GDPR's core principles of data minimization and purpose limitation.

DuoCircle LLC, the company behind Tenant Migration, has operated email infrastructure since 2014. Our SOC 2 Type II certification, independently verified through annual third-party audits, covers security, availability, and confidentiality -- the same controls that underpin our GDPR compliance posture.

Compliance Areas

GDPR Compliance in Detail

EU Data Zone Availability

We operate geographically diverse queuing zones. EU customers can select an EU-based queuing zone so their email data is processed and stored within the European Union, meeting data residency requirements under GDPR. Your data stays where you need it to stay.

Data Processing Agreement

We provide a comprehensive Data Processing Agreement based on the Bonterms open framework. The DPA establishes clear obligations for data handling, sub-processor management, security measures, and breach notification -- everything Article 28 of the GDPR requires.

Review our DPA →

Data Minimization

We only process what is strictly necessary. Emails pass through our queuing infrastructure in transit -- we do not profile recipients, run analytics on email content, build advertising profiles, or retain data beyond what is required for delivery. Our processing purpose is singular: queue and deliver.

Right to Erasure

When you terminate the service, all data is securely and permanently deleted -- emails, metadata, backups, and logs. Email queue data is automatically deleted after successful delivery or after 45 days, whichever comes first. We issue a certificate of deletion upon request.

Data Portability

Your emails are delivered directly to your new tenant -- they are never locked into our platform. Tenant Migration is a transit service by design. Once your migration is complete and emails are delivered, there is nothing held back. Your data belongs to you.

Sub-Processor Transparency

We are transparent about the infrastructure partners involved in processing your data. Our sub-processors include Cloudflare (for DDoS protection and DNS), and our own data center infrastructure for email queuing. We notify customers at least 30 days before engaging any new sub-processor, with the right to object.

Safeguards

International Transfers and Incident Response

International Data Transfers

When data is transferred outside the EEA, we rely on legally recognized transfer mechanisms to ensure continued protection:

  • Standard Contractual Clauses (SCCs) -- EU Commission-approved clauses included in our DPA for transfers to the US and other non-adequate countries
  • EU-US Data Privacy Framework -- We monitor adequacy decisions and adapt our transfer mechanisms accordingly
  • UK International Data Transfer Addendum -- Included for transfers involving UK personal data
  • Swiss FADP compliance -- Covered under our cross-border transfer mechanisms

Data Breach Notification

We maintain a documented incident response plan and commit to rapid, transparent communication in the event of a security incident:

  • 48-hour notification -- We notify affected customers within 48 hours of becoming aware of a security incident, exceeding the GDPR's 72-hour requirement for our controller-facing obligations
  • Detailed incident reporting -- Notifications include the nature of the breach, categories and volume of data affected, likely consequences, and measures taken to mitigate
  • Remediation assistance -- We assist your organization in meeting its own notification obligations to supervisory authorities and data subjects
  • 24/7 security monitoring -- Continuous monitoring with automated alerting to detect incidents early
Contact

Privacy and Data Protection Inquiries

If you have questions about our GDPR compliance, need to exercise your data protection rights, or want to discuss our data processing practices, our privacy team is here to help.

Mailing Address

DuoCircle LLC
5965 Village Way Suite 105-234
San Diego, CA 92130

Data Processing Agreement → Privacy Policy → Security Practices →

Ready to Migrate with GDPR Confidence?

SOC 2 Type II certified. EU data zones. Full DPA available. Your data is protected.

Get Started