GDPR compliance information for Bitrix24 users from the European Union

Bitrix24 is committed to meeting General Data Protection Regulation (GDPR) requirements, which came into effect on May 25, 2018. Please refer to the information below for details.


Data Processing Agreement

Bitrix24 provides all of its customers from the European Union with the digitally signed Data Processing Agreement and information about Bitrix24 infrastructure, sub-processors and joint controllers.

International Data Transfers

Data in,,, and domain zones is hosted inside the European Union in Frankfurt, Germany with Amazon Web Services data centers, which are fully GDPR compliant -,,,, and accounts are hosted OUTSIDE the European Union, thus international data transfers take place. We recommend Bitrix24 users from the European Union use Bitrix24 accounts that are hosted in the European Union. Please note that commercial Bitrix24 account users can request their data to be transferred to the EU data centers via helpdesk - On-premise Bitrix24 editions are also available for purchase.

Security Statement

We take a number of steps to protect the security and integrity of data stored with Bitrix24. All web connections for data transfer encrypted, data is isolated, and two factor authorization is available (Bitrix24 OTP or Google Authenticator). Full information on Bitrix24 security mechanisms and protocols is available at

Data Portability and Anonymization

We provide special marketplace applications that allow Bitrix24 administrators to comply with GDPR data pseudonymization and portability requirements. The first application anonymizes personal data for any Bitrix24 user upon request. The second application allows any Bitrix24 user to download personal data collected inside their account.

Privacy Policy

Privacy and cookie policy for Bitrix24 users from the European Union has been updated in order to meet GDRP requirements. The updated policy for Bitrix24 is available at