GDPR (General Data Protection Regulation) is a set of regulations that aims at providing EU citizens with greater control over how their personally identifiable information (PII) is collected, processed, stored, and used by organizations both inside and outside the EU.
Software vendors, such as Techinline, must follow the core principles of Security by Design and Privacy by Design laid out by the GDPR, e.g. implement the right to be forgotten and provide extensive information about the types of data that are collected, processed, stored, and used.
In this article:
- What has Techinline done to comply with the GDPR requirements?
- Is Techinline a data controller or a data processor?
- What data does SetMe collect, process and store?
- My organization is based in the EU. Where do you store my data?
- How can I remove my data from your servers?
What has Techinline done to comply with the GDPR requirements?
As part of our ongoing effort to meet all applicable information security and data privacy requirements, we have:
- Assigned a data protection officer.
- Thoroughly reviewed and implemented required internal security practices and measures concerning the handling and protection of personal data.
- The types of data we collect, how this data is processed and used, and where it is stored.
- Information about the integration with third-party services, such as Google AdWords, Google Analytics, and other analytics, advertising and marketing platforms which may also collect, store and process personal data.
- How our EU-based customers can manage and control the way their data is being stored and used (Right to Access and Right to be Forgotten).
- Ensured that all our partners maintain a strict security policy with regard to personal data and have already issued their statements of compliance with GDPR.
Is Techinline a data controller or a data processor?
Techinline acts as the controller of data that’s essential for us to provide you with the SetMe service (for example, when you register for a SetMe free trial account).
At the same time, Techinline may be your data processor. For instance, each time you establish a remote connection we collect pieces of data, such as IP addresses of the session participants, for reporting purposes, and therefore act as your data processor. In such cases, you act as the data controller and must make sure that your organization meets GDPR requirements. We recommend you ensure that your policies and internal documentation concerning GDPR compliance are up to date and clear to your readers.
What data does SetMe collect, process and store?
My organization is based in the EU. Where do you store my data?
SetMe utilizes a network of virtualized Amazon and Microsoft Azure servers distributed across multiple geographical regions, with the majority of servers being based in North America and the European Union. Our master server is located in the United Kingdom. The personal data we collect from you will be processed and stored in the United Kingdom.
How can I remove my data from your servers?
You also have the right to request information from us about your personal data at any time. If you have agreed to the use of this data, you may revoke this consent at any time. All requests and inquiries for information or objections for data processing should be sent by email to email@example.com.