General Data Protection Regulation (GDPR)​

Last updated: 

October 5, 2023

European Union General Data Protection Regulation

Effective May 25, 2018, the General Data Protection Regulation (GDPR) is a significant change to European Union (EU) privacy law. The regulation prioritizes an individual’s right to control their personal information. It imposes new rules on companies, government agencies, non-profits, and other organizations outside the European Union that process personal data related to the offering of goods and services to people in the European Union (EU), or that monitor the behavior of EU citizens within the European Union. 

We are committed to compliance with the GDPR by providing privacy protection to all users. 

How GDPR applies to

Esri is a controller of personal information, and that information is stored in the United States. We control the personal information of those with whom we directly interact. Examples of this are users who visit or fill out a form on  

The GDPR details six legal bases that allow controllers to process personal information. They are: contractual necessity, legal obligation, vital interests, public interest, legitimate interest, and consent. Most of the work we do with users is classified as contractual necessity or legitimate interest. In other cases (e.g., web browsing tracking, marketing), we obtain direct consent before collecting any personal information. 

How we are taking action

We are committed to protecting your personal information from any attacks or data breaches. We have implemented appropriate security controls throughout our business systems. In the unlikely event of data breach, we will honor the GDPR requirements for notification. 

Esri has created a Data Transfer Agreement that sets the conditions related to privacy, confidentiality, and security of EU personal data associated with services.  You may download, countersign and retain a copy of the appropriate Data Transfer Agreement for your records; you do not need to return a copy to Esri. 

DPO and EU Representative

Our Data Protection Officer (DPO) and an EU Representative can be reached as indicated below.

Data Protection Officer: Ksenia Turk
Address: 380 New York St., Redlands, CA 92373
Telephone: +1 909 793 2853

EU Representative: nFrames GmbH, Esri R&D Center Stuttgart
Address: Kornbergstraße 36, 70176 Stuttgart, Germany
Telephone: +49 711 997 887 28

More information

If you have any questions or concerns regarding privacy issues or the GDPR, please contact

Questions about privacy use on

Add New Playlist

Thank you!

We have received your request and will send updates about to your email:

Sign Up For Updates

Skip to content