GDPR
GDPR (General Data Protection Regulation) is a set of regulations that aims at providing EU citizens with greater control over how their personally identifiable information (PII) is collected, processed, stored, and used by organizations both inside and outside the EU.
Software vendors, such as Techinline, must follow the core principles of Security by Design and Privacy by Design laid out by the GDPR, e.g. implement the right to be forgotten and provide extensive information about the types of data that are collected, processed, stored, and used.
In this article:
- What has Techinline done to comply with the GDPR requirements?
- Is Techinline a data controller or a data processor?
- What data does SetMe collect, process and store?
- My organization is based in the EU. Where do you store my data?
- How can I remove my data from your servers?
What has Techinline done to comply with the GDPR requirements?
As part of our ongoing effort to meet all applicable information security and data privacy requirements, we have:
- Assigned a data protection officer.
- Thoroughly reviewed and implemented required internal security practices and measures concerning the handling and protection of personal data.
- Thoroughly reviewed our Privacy Policy and updated it in accordance with the EU GDPR requirements to include the following details:
- The types of data we collect, how this data is processed and used, and where it is stored.
- Information about the integration with third-party services, such as Google AdWords, Google Analytics, and other analytics, advertising and marketing platforms which may also collect, store and process personal data.
- How our EU-based customers can manage and control the way their data is being stored and used (Right to Access and Right to be Forgotten).
- Ensured that all our partners maintain a strict security policy with regard to personal data and have already issued their statements of compliance with GDPR.
- We have also added more information about the use of cookies to our Cookie Policy and updated our Terms of Service with more focus on our commitment to data protection.
Is Techinline a data controller or a data processor?
Techinline acts as the controller of data that’s essential for us to provide you with the SetMe service (for example, when you register for a SetMe free trial account).
At the same time, Techinline may be your data processor. For instance, each time you establish a remote connection we collect pieces of data, such as IP addresses of the session participants, for reporting purposes, and therefore act as your data processor. In such cases, you act as the data controller and must make sure that your organization meets GDPR requirements. We recommend you ensure that your policies and internal documentation concerning GDPR compliance are up to date and clear to your readers.
SetMe does not collect, process or store any personally identifiable information during the remote connection except for general information used to generate usage reports, which includes IP addresses of the connection participants. For more information, see SetMe's Privacy Policy.
Techinline’s controller and processor activities are covered by our Terms of Service and Privacy Policy. Our Data Processing Agreement (DPA) outlines how personal data is processed and the security measures in place to ensure maximum protection of such data.
What data does SetMe collect, process and store?
Upon registering for the SetMe service you enter into an agreement with us to accept our Terms of Service and Privacy Policy . As part of this agreement, you may be asked to provide additional personal information, such as your billing details and contact information.
Please refer to our Privacy Policy to learn more about the types of data we collect from our customers and the reasons why we may collect this data.
My organization is based in the EU. Where do you store my data?
SetMe utilizes a network of virtualized Amazon and Microsoft Azure servers distributed across multiple geographical regions, with the majority of servers being based in North America and the European Union. Our master server is located in the United Kingdom. The personal data we collect from you will be processed and stored in the United Kingdom.
Please refer to our Privacy Policy for more information on data security and storage.
How can I remove my data from your servers?
We have defined retention periods after which your data is automatically removed following account cancellation or contract termination/expiration. For more information about our data retention policies, please see section 4 of the SetMe Privacy Policy.
You also have the right to request information from us about your personal data at any time. If you have agreed to the use of this data, you may revoke this consent at any time. All requests and inquiries for information or objections for data processing should be sent by email to privacy@techinline.com.