Global Privacy and Data Protection

Barracuda takes data protection seriously. We have established a global privacy program to ensure that Barracuda handles the data it collects in a compliant and transparent manner.

Customers use Barracuda’s products to help them with their unique privacy compliance obligations. Review our product documentation for specific features to determine how Barracuda’s products fit into your privacy and data protection program.

Our contractual commitments to privacy, including our Global DPA, are accessible on our Privacy Documentation page.

European Data Protection

The European Union’s General Data Protection Regulation (GDPR) is a comprehensive data protection law. GDPR’s primary goal is to enhance individuals’ control over their personal data. This regulation applies to any organization that processes the personal data of EU residents, regardless of its location.

The UK GDPR and Swiss Federal Act on Data Protection (FADP) similarly implement strict data protection standards and privacy principles. These three European regulations set the tone for data protection worldwide and at Barracuda.

Barracuda aligns our global data privacy program with the GDPR Privacy Principles and follows the GDPR’s standards for processing personal data. For international transfers of data, Barracuda maintains a certification under the Data Privacy Framework and leverages the EU Standard Contractual Clauses (SCCs) where applicable.

United States Data Protection

Privacy law in the U.S. is rapidly evolving, creating a dynamic landscape of regulations that impact Barracuda and our customers. With laws like the California Consumer Privacy Act (CCPA) at the forefront, it’s essential to stay ahead of these changes. Our dedicated Barracuda Privacy Team is committed to ensuring that data handling aligns with relevant federal and state data protection laws.

Industry Specific Data Protection

HIPAA: Covered Entities under the Health Insurance Portability and Accountability Act (HIPAA) frequently leverage Barracuda products to protect protected health information (PHI).  Customers wishing to establish a Business Associate relationship with Barracuda per 45 CFR 164.502(e) and 164.504(e) can execute our Business Associate Agreement (BAA).

Data Privacy for Education: Barracuda is proud to protect the data of educational organizations across the world. In some cases, a local privacy regulation may require our educational industry customers to enter into privacy agreements with Barracuda. Reach out to privacy@barracuda.com for assistance with educational privacy terms.

FERPA: Education organizations subject to the Family Educational Rights and Privacy Act (FERPA) rely on Barracuda products to protect their organizations and as part of their cybersecurity compliance obligations under various laws, including FERPA. Please review specific product information for more details.