TokenEx Completes CSA Code of Conduct for GDPR Compliance Self-Assessment


Edmond – Nov. 20, 2020 – Cloud tokenization provider TokenEx has completed the Cloud Security Alliance Code of Conduct for General Data Protection Regulation Compliance, certifying the company’s adherence to GDPR’s legal and technical requirements.

“The Code of Conduct allows us to publicly demonstrate that we comply with GDPR,” said Chris Dixon, TokenEx’s manager of governance, risk, and compliance. “We must not only respond to the questions in the assessment, but also quote from publicly available documentation as evidence. Our responses were reviewed by a GDPR SME with the Cloud Security Alliance to provide further assurance beyond a typical self-assessment.”

The CSA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The self-assessment serves both as a compliance tool for GDPR and as transparency guidelines regarding the level of data protection offered by a cloud service provider.



“There are few better ways to showcase your commitment to privacy than CSA's Code of Conduct for GDPR Compliance,” Jim Reavis, co-founder and CEO, Cloud Security Alliance, said. “Completing this self-assessment proves that TokenEx has a thorough understanding of the GDPR's legal and technical requirements and has the necessary framework in place to meet them.”


The Code of Conduct helps cloud service providers determine the degree to which they must protect customer data. It also can be used as a method for customers to evaluate the security and compliance standing of a cloud service provider. Customers can be confident that cloud service providers who complete this assessment follow the best practices for security and data protection.

“For full transparency, we provide documentation on our website to support our responses,” Dixon said. “Giving customers assurance of compliance with GPDR requirements can be challenging. By completing this assessment, we not only can state that we are compliant, but we can better demonstrate it as well.”

TokenEx was founded by security experts to reduce the risk of data theft and mitigate the cost and complexity of compliance. Its Cloud Data Protection Platform can protect any structured data set, accept sensitive data from nearly any channel, and transmit data to any third-party API endpoint. This flexibility enables organizations to align compliance with commerce to achieve company-wide success.

Topic(s): compliance , privacy