Cannamplify adheres to the requirements set out in the EU General Data Protection Regulation 2016/679 (GDPR) of the European Union and Parliament.


GDPR has an enormous impact on companies that use, access, reference, store or process any personal data. GDPR clarifies how the EU personal data laws apply within the EU and globally when related to EU residents.

Any organisation that works with EU residents’ personal data in any manner, irrespective of location, has obligations to protect the data.  Cannamplify understands our obligations under GDPR with regards to this data and have put appropriate policies in place to ensure they are met.


These are:


Policies for Data Protection & Retention: Cannamplify maintains a set of policies for the storage, protection and retention of data. Along with procedures to address and review enquires by individuals related to the data we hold on them – these policies, and the monitoring thereof, are overseen by the board of Cannamplify directors.


Procedures for dealing with data breaches: Cannamplify has procedures to respond to data breaches including notifying the appropriate authorities and individuals.


Data Protection Officer: Cannamplify has appointed a Data Protection Officer who is responsible for ensuring overall GDPR compliance for all Cannamplify’s personal data processing activities. The Data Protection Officer reports directly to Cannamplify’s Chief Operations Officer.


Staff Awareness: All staff and associates receive mandatory data privacy and protection awareness training on  joining and via annual refresher courses.


Data Integrity & Security: Cannamplify has a firm commitment to data security, integrity and protection. Cannamplify uses partners that are certified to ISO 27001:2013 Information Security Management System standard to ensure we have appropriate organisational and technical data protection controls in place.


Suppliers: We take appropriate steps to risk assess our suppliers and ensure we have GDPR clauses in all our supplier agreements when required.

For any questions about our GDPR compliance please contact

Making a subject access request

The General Data Protection Regulation (GDPR) 2016/679 provides you with the right to receive a copy of the data/information Cannamplify hold about you or to authorise someone to act on your behalf.

Please complete this form if you wish to see your data, and return by email