GDPR

Like many other companies, databrackets has reviewed its company-wide compliance strategy with respect to the EU General Data Protection Regulation (GDPR), which came in to effect from 25th May 2018.

In doing so, databrackets completed an audit of all data flowing in and out of our organization, either in our capacity as a Data Controller or as a Data Processor.

As a result, we have reviewed and updated our Privacy Policy and Cookie Policy; ensured we obtain consent before collecting personal data of our customers; provide access to that data, and provide the right to be forgotten in accordance with our Privacy Policy. We have either signed Data Processing Addendums with relevant third-party service providers or moved away from non-compliant providers.

databrackets now offers a GDPR compliant Data Processing Addendum to our standard License Agreement so that customers can use our services in a GDPR compliant manner and we have executed Data Processing Addendums with our sub-processors.

We are committed to a process of continual improvement of our privacy and security measures; notifying regulators of personal data breaches and promptly communicating any such breaches to our customers.

GDPR – FAQ

What is the GDPR?

The General Data Protection Regulation (GDPR) is new European privacy law. The GDPR increases protection around the processing of personal data of EU data subjects by applying a single data protection law that is binding throughout each member state of the EU.

Who does the GDPR apply to?

The GDPR applies to any organization, whether or not they are established in the EU, that is processing personal data of EU data subjects.

Is databrackets a Data Controller or Data Processor?

Under the GDPR databrackets is both a Data Controller and a Data Processor.

Data Controller – databrackets acts as a data controller when we collect and store accounts and contact information of our customers.

Data Processor – databrackets acts as a data processor when our customers use databrackets services to process personal data. Under these circumstances, our customer may act as a data controller or data processor, and databrackets acts as a data processor or sub-processor.

Can I use databrackets to Process Personal Data?

Yes.  If you intend to use services that may handle Personal Data you should:
 

  1. Sign the Data Processing Addendum to our standard License Agreement.
  2. Use the databrackets guidelines in accordance with: Guidelines for Using databrackets Services in a GDPR-Compliant Manner.                                                                            

How do I enter into the Data Processing Addendum with databrackets?

Please send an email to info@databrackets.com that specifies:
 

  1. Your personal name
  2. Your position
  3. Company name.


We will then send you a copy of the Data Processing Addendum that you can review and sign electronically.

What technical and organizational security measures does databrackets have in place?

In response to Article 28 and 32 of the GDPR, we outline the technical and organizational security measures we use to ensure the ongoing confidentiality, integrity, availability, and resilience of the databrackets service Security Measures.