GDPR & Tally

GDPR & Tally

This page does not serve as legal advice. Please determine together with your legal advisor how GDPR applies to your business.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that allows EU citizens and residents to have access and control over their personal data.

Does it affect you?

If your business is based in the European Union (EU), or you process the personal data of individuals in the EU, the General Data Protection Regulation (GDPR) affects you.

Is Tally GDPR Compliant?

Tally is based in Belgium (EU) and complies with the GDPR framework.

The measures we took
  • Our privacy policy gives you more information about what data we collect, data retention and transfers, and outlines your data protection rights.
  • We have a Data Processing Agreement available for you. Email us at and will send it over!
  • All Tally form data is encrypted and stored in Belgium (EU)
  • Data Accessibility: you have full control of the information you collect, store and manage with Tally.

What about data control and retention?

Tally is the provider of a form service, and not the owner of the collected form responses.

The form creator is responsible for the data he/she collects

... and is thus data controller of the respondent data. Tally is the processor and stores information on behalf of the form creators. As long as your account is active you (as the form creator) have full control over the data you collect, and the time period for which you store the data. You are able to delete or export form responses from your account if it would be required to do so. We honor all deletions, and all form data which has been deleted by you is permanently deleted from our back-ups within 90 days.

Tally acts as a data controller in the relationship between Tally and our customers (form creators), for the personal information you give us in order to use our service (registration or billing information for example).

How do I make sure my Tally form is GDPR compliant?

There's several things to consider when collecting personal information (name, email, phone, etc.) with your form.