What is GDPR?

The EU General Data Protection Regulation (“GDPR”) is a new comprehensive data protection law that comes into effect on May 25, 2018. It will replace existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It will be a single set of rules which govern the processing and monitoring of EU data.

We are GDPR Ready

Four51 has undergone a GDPR compliance review and we’ve taken many steps to ensure compliance and security for all our user data. Here are a few highlights of what we have done:

• Data Protection Officer: Our Executive Team serves as our Data Protection Officer to oversee and advise on our data management. Get in touch by emailing support@four51.com
• Data Processing Addendum: We have created a data processing addendum (DPA) that supplements our Terms of Service and provides contractual safeguards to our customers for the processing of the personal data sent through Four51, enabling these customers to be compliant with the GDPR. If you need a copy of our DPA, administrators can email support@four51.com
• International Data Transfers: The EU-US Privacy Shield is a framework negotiated and agreed by the European Commission and U.S. Department of Commerce as a lawful way of transferring personal data. To comply with EU data protection laws around international data transfer, we have submitted our application for the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield frameworks.
• Vetting Sub-processors: As part of our compliance review, we’ve scrutinized all third-party vendors we use to make sure they also prioritize the security and privacy of personal data. We’ve ensured our signed contracts with them take the highest levels of security into consideration.
• Processes, procedures, and training: We’ve updated our existing processes and implemented some more around subject access requests, and process reviews. We’ve also had all team members undergo data protection training and GDPR training.
• Breach Management: We updated our existing breach management and communication process to comply with the GDPR regulations concerning the escalation process and requirements for data subject notification.
• Updated Privacy Policy: We’ve updated our Privacy Policy to make it more clear about what data we collect and how it is used. Our new privacy policy is effective as of May 25, 2018.

More Information

Privacy Policy
 

Questions?

If you have any questions about GDPR or would like to make a Subject Access Request – feel free to reach out to us at support@four51.com