Mav Farm strongly believes that customers should be able to control their data and trust that information is protected when stored in its servers. To support this, Mav Farm holds itself to strict data security and privacy standards, including compliance with the General Data Protection Regulation (GDPR).

The following information serves as an overview of the key information about the GDPR and the services that Mav Farm provides that align with the regulation. View this page to see the formal statement of Mav Farm's approach to the GDPR.


This 2-page PDF answers the following questions: 

  • What is the GDPR?

  • How does GDPR impact Mav Farm and its customers?

  • Is Mav Farm collecting data?

  • Does GDPR require data to stay in the EU or to be stored in the EU?

  • Will Mav Farm be compliant with GDPR?

  • Will Mav Farm enter into a Data Processing Agreement (“DPA”) with me?

  • Does Mav Farm have publicly available information about its security program?

Supporting Data Subject Rights

As controllers of personal data, Mav Farm and its customers must uphold certain rights stated by the GDPR, including:

Right to Access and Data Portability

Mav Farm will support individuals’ right to access and right to portability of their personal data through individual export requests. Any Mav Farm account holder will be able to request an export of one’s own personal data, as well as the personal data of their own end-users. The form for submitting end user personal data export requests and for submitting account holder data export requests is available through the Data or Privacy portal in Account settings on Mav Farm and Sho_w. 

Right to Erasure

We support individuals’ right to erasure through a permanent deletion of personal data upon request.

Right to Object

Our customers control what data is sent to Mav Farm, and may decide to halt the sending of personal data at any time. To assist with supporting individuals’ right to object to the collection of one’s personal data, Mav Farm also has built dedicated methods for our client-side SDKs that can be used to opt end users out of tracking.

Mav Farm collects information about how customers use the product, and uses this data to identify product gaps and improve existing products. While this information is useful, Mav Farm recognizes the importance of an individuals right to object. Mav Farm has therefore streamlined opt-out systems for its customers, who can opt out of tracking through simple controls, located in the Privacy portal in their Account settings.

Privacy by Design

Mav Farm builds products with privacy and security central in its design. See the information below for more details about the safeguards that Mav Farm puts in place to protect customer data.

Security White Paper

This 13-page PDF is an overview of the Mav Farm Security Program and Practices, including:

  • Data Collection

  • Physical Security

  • Employee Security Awareness

  • Incident Response  

  • Security features and functionality

  • Application and Network Architecture

Security Questionnaire 

This 4-page PDF contains 24 questions and detailed answers covering:

  • Data Center Features

  • Data Retention and Deletion

  • Data Security and Management

  • Encryption and Password Management

  • HR/Corporate Policies

  • Audits

  • Threat and Vulnerability Management

Data Retention Policy

As processors of its customers’ data and to protect the privacy of information it stores, Mav Farm holds data no longer than is needed to provide its services. To further support this, Mav Farm is implementing a data retention policy starting May 25th:

  • Events received over 5 years ago are automatically deleted on an ongoing basis from all projects.

  • People data is retained indefinitely. Customers are given the ability to delete profiles.

This policy includes projects that were deleted or reset through the Project Settings -- deleting a project through the Project Settings triggers a soft deletion, and the data in the deleted or reset project will remain stored in Mav Farm according to event and people data retention policies.

Custom data retention windows can be set for people data by sending regular deletion requests. For more questions about setting custom data retention windows, contact our support team.

Additional Information and Resources

Data Processing Addendum

Mav Farm has updated its DPA to ensure compliance with all GDPR-specific requirements. This supplements Mav Farm's Terms of Use and provides contractual safeguards to its customers for the processing of personal data sent through Mav Farm. The DPA enables Mav Farm's customers comply with the GDPR.

Data Protection Officer

Mav Farm has a dedicated Data Protection Officer (DPO), along with a team of privacy and security professionals dedicated to our compliance and to helping you maintain your compliance when using Mav Farm.

If you would like to reach our DPO or have or have follow-up questions please reach out to us at

  • Mav Farm & the GDPR


  • Security White Paper

  • Data Processing Addendum

  • Security Questionnaire

  • GDPR Readiness Blog Post

  • Terms of Use

Did this answer your question?