1. Toku Help Center
  2. Privacy and Security

Does Toku have to comply with GDPR or HIPAA?

Looking for information on how Toku can support GDPR or HIPAA compliance? Here's some information about our approach to these laws.

There are a number of important regulations that many people assume all companies must follow, no matter where they are based. These regulations may apply to companies that are headquartered outside of the areas where these regulations apply.

So, put simply, "It depends," is the answer to this question.

With regard to the examples of the Health Insurance Portability and Accountability Act (“HIPAA”), and the General Data Protection Regulations (“GDPR”), Toku is subject to other laws which provide similar protection to our customers and the end-users of our products and services, but not specifically to HIPAA or the GDPR.

From Wikipedia, these two regulations are summarized like this (italics added for emphasis):

  • HIPAA “was enacted by the 104th United States Congress and signed by President Bill Clinton in 1996. It was created primarily to modernize the flow of healthcare information, stipulate how Personally Identifiable Information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and address limitations on healthcare insurance coverage.

  • The GDPR is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Does this mean that Toku doesn’t comply with these regulations?

No! As mentioned above, Toku is a registered telecommunications operator and we are domiciled in Singapore. This means that we are subject to other laws which provide similar protection to our customers and the end-users of our products and services.

If you’d like to speak with someone about your specific business or requirements or you want to review a specific situation related to our privacy policy or the terms of use for Toku’s products and services, please contact us. We’ll be happy to set up a time to speak with you.

Does this mean that Toku doesn’t care about privacy or protecting customers' sensitive data?

No! We take privacy and the security of customer data very seriously. We often ask customers and end-users to provide us with copies of documents that help us verify identity and legal addresses. Toku is required to do this, by law. We are also required to retain copies of these records for specified amounts of time. Of course, we do everything we can to ensure that this information is collected and stored securely, and accessible only to those people or systems that need it. You can refer to our privacy policy for more information. If you have specific questions or a special situation that you would like to discuss, we are here to help.

Important Links