As you’ve probably heard, the GDPR is entering into force very soon (more specifically on 25th May 2018) and Favro is well prepared. On this page, we would like to present to you our methods and plans to achieve GDPR-compliance, both for ourselves and for our customers.
What is GDPR?
GDPR (General Data Protection Regulation) is a new privacy regulation designed to strengthen the security and protection of personal data in the EU. A single set of rules will apply to all EU member states. The GDPR will affect every company and organization that handles personal data of European individuals, regardless if the company or organization itself is located in the EU or not.
The data protection rules are based on the following principles: fairness, lawfulness and transparency; purpose limitation; data minimization; data quality; security, integrity and confidentiality.
It’s important to remember that the definition of personal data is very broad and covers almost any information relating to a specific individual (called “data subjects” in the GDPR). For the individuals, the GDPR introduces a number of new rights and gives them greater control over the data that companies and organizations holds on them. For businesses, one of the biggest challenges with the GDPR will be to ensure that the data subjects are actually able to exercise their rights. It will be necessary to have a clear understanding of the grounds for lawful processing of personal data and to continuously review the technical and organizational measures to ensure personal data is adequately protected.
How is Favro preparing for the GDPR?
Favro will be GDPR compliant to the extent required on or before 25th May 2018 and will – of course – continue to comply going forward. Being a provider of a planning and collaboration app for organizational flow we handle huge amounts of data and therefore we understand how important security and privacy is, both to ourselves and our customers.
For quite some time now we have been analyzing the requirements of the GDPR and are working to make enhancements to our product and documentation. Our engineering, product and legal teams are all involved in the process of implementing the necessary procedures and practices. Further, there are ongoing discussions with customers and suppliers regarding contractual terms, international data transfers and data processing agreements as required by the GDPR.
Where can I learn more?
Fulfilling our privacy commitments is important to us. Therefore, we would be happy to help you prepare for GDPR compliance too! If you want to know more about how Favro works with data protection, please contact firstname.lastname@example.org. And of course, additional information about the GDPR is available on the official GDPR website of the European Union.