CapLinked and GDPR - Our Commitment to Data Privacy
The General Data Protection Regulation (GDPR) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation contains the most significant changes to European data privacy legislation in the last 20 years. It is designed to give EU citizens more control over their data and seeks to unify a number of existing privacy and security laws under one comprehensive law.
The regulation will become effective and enforceable on the 25th May 2018.
This post outlines our approach and progress to date.
What changes is CapLinked making to be GDPR compliant?
Like many other software companies, we are implementing our company-wide GDPR compliance strategy leading up to May 25, 2018 and beyond. We appreciate that our customers have requirements under GDPR that are directly impacted by their use of CapLinked, and we are committed to helping our customers fulfill their requirements under GDPR.
Below are a few examples of initiatives we have committed to in order to satisfy GDPR requirements that apply to both our customers and us:
- Committing to security and privacy measures required under GDPR. You can view details on our current security measures at Security @ CapLinked.
- Where we are transferring data outside of the EU, committing to appropriate data transfer mechanisms as required by GDPR. This includes our current Privacy Shield certification (see our Privacy Policy).
- Assisting our customers with satisfying their GDPR data security and privacy requirements as described at Security @ CapLinked, notifying regulators of personal data breaches on our systems and promptly communicating any such breaches to our customers and end-users.
- Ensuring our staff who access and process our customers’ personal data are bound to maintain the confidentiality and security of that data.
- Holding any subprocessors that handle our customers’ personal data to the applicable data management, security and privacy standards required under GDPR.
- Committing to carrying out data impact assessments and consulting with EU regulators where appropriate.
GDPR FAQ
Do we process personal data of our customers?
Yes, we process customer personal data to provide CapLinked and for other specified purposes described in our Privacy Policy and Terms of Service.
Where do we send customer data?
Our goal is to provide our customers with secure, fast and reliable service. As a provider of a global service, we run our service with common operational practices and features across multiple jurisdictions. For example, we currently store data in data centers provided by Amazon Web Services (AWS) located in the US (see https://aws.amazon.com/security for information on their security practices). We disclose in our Privacy Policy that personal data will be transferred to the United States and possibly to other countries for purposes related to providing products and services.
Can you guarantee that my data will stay in a certain location (e.g., Europe)?
CapLinked features require that data be transferred to the US. In addition, our employees may need access to data stored in the EU from a non-EU country (e.g., United States) for technical and support-related reasons. In all cases where data is transferred outside of the EU, CapLinked commits to ensuring such transfers are compliant with applicable data transfer laws, including GDPR.
Are we Privacy Shield certified?
Yes. We are certified under the EU-US Privacy Shield framework. You can view this Privacy Shield certification here.
CapLinked is also compliant with South Africa’s Protection of Personal Information Act. The compliance requirements overlap with GDPR and CCPA (California Consumer Privacy Act).
More Resources
CapLinked is 100% committed to customers’ success and the protection of customer data. Customers can count on our commitment to GDPR compliance. Thank you for your interest in CapLinked!
- Privacy – We’re committed to protecting the privacy of your personal information.
- Security – Our customer-focused culture ensures that security is a top priority.
- Data Processing Agreement (DPA)