The GDPR is Europe’s new framework for data protection laws – it replaces the previous 1995 data protection directive. This new legislation is designed to provide greater protection and rights to individuals in the EU. This new regulation comes into effect on 28th May 2018 and will affect how EU citizens’ personal data is utilized by all companies (public and private) dealing with individuals in the EU.
What is GDPR?
The GDPR is the EU General Data Protection Regulation, which increased the security and protection of the personal data shared by European Union citizens.
What do we need to do?
To comply with the EU GDPR, companies like Book4Time Inc. that are processors of data must observe the following requirements:
- Obtain consent to collect and process personal information
- Protect personal data
- Control access to personal data
- Provide the option to erase personal data
- Inform customers of data breaches
- Right to be informed – About who is processing your personal data
- Right to access – Any personal data that has been collected
- Right to rectify – Correct or amend any personal data that is collected
- Right to be forgotten – Have personal data completely removed from the system and prevent further collection
- Right to restrict processing – Of specific categories of personal data
- Right to data portability – Transfer personal data to a recipient of your choice
- Right to object – Consent to or withdraw consent to processing of your personal data
What are we doing to comply with the EU GDPR and protect your rights?
- We have incorporated a “Privacy By Design” policy where anything that we do internally and any products or updates that we design are all grounded in data privacy and take into consideration the risks and rights of the ultimate data owner.
- We have appointed a Data Protection Officer (DPO) who will monitor any risks or threats to your personal data and will ensure that we remain compliant with the GDPR and continue to protect your personal data and your rights. The DPO is also there to answer any of your questions or concerns relating to the GDPR and our compliance with it. Our DPO can be reached at email@example.com.
- We have done an internal Impact Assessment whereby we assessed any risks, concerns, and areas of improvement internally at Book4Time Inc., and have used that assessment to make the appropriate changes within our company to ensure the highest rate of data protection for your personal information.
- We continue to encrypt all of our data using the world-renowned Amazon Web Services EC2 environment on EBS encrypted storage
- We continue to complete an annual SOC II Audit, which confirms our industry-standard processes and procedures that protect data
- We continue to host all EU data within the EU using the world-renowned hosting centers provided by Amazon Web Services
- We continue to provide the ability to facilitate the modification or full deletion of personal data upon instruction and request
- We continue to provide, and have ramped up, our internal data privacy training and onboarding for new and current employees
- We continue to provide constant monitoring of our systems to ensure your data is always protected, as well as constant monitoring of new or updated privacy laws in order to stay on top of any issues that may arise