WorldAPP, the GDPR, and You

At WorldAPP, we understand that the preservation of your data is critical to the success of your organization. It’s a part of everything we do. That’s why we regularly monitor data protection legislation to ensure that the information you gather is not only safe at all times, but also in compliance with data security standards.

As a result, we’d like to notify you (our customers) that we are currently taking the appropriate steps to ensure that all of our applications and systems will fully comply with the European Union’s new General Data Protection Regulation (GDPR), which is scheduled to take effect 25 May 2018.  

General Data Protection Regulation

This legislation will standardize and enforce a new set of laws intended to protect the personal data of EU citizens. In essence, any company that captures, stores, protects, or shares this information will now be held accountable to a new level of transparency.

For example, companies will no longer be able to meet data security standards by simply stating that a third party might use an individual’s personal data. Instead, they must detail exactly where the data will go and how it will be used. They must also offer an easy opt-out process for anyone requesting that their data not be shared. And if a data security breach occurs, companies are now required to report it within 72 hours.

That’s just the tip of the iceberg, though. If you haven’t read it yet, the GDPR is a vast and detailed piece of legislation with many new requirements and regulations.

How will our applications help you to comply with these regulations?

Protection of personal data

WorldAPP offers encryption in transit to ensure our customers are in compliance with this most important GDPR principle.

Data subject consent to the processing of the personal data

We offer the ability to insert links into your Privacy Policy to provide customers with the ability to notify individuals of the exact intended use and processing of their personal data.

Right to rectification, restriction and right to be forgotten

Our applications provide customers with the ability to delete a data subject’s personal information from our production database to ensure compliance.

Data subject’s right to data portability

Any and all data you collect via forms and surveys belongs to you, so you can access and download it at any time to ensure portability.

Protecting data from unauthorized access

With three different levels of account access, application administrators can protect personal data by managing and restricting accessibility based on pre-determined factors.

How is WorldAPP (as a company) preparing for the GDPR?

We at WorldAPP have been working diligently to advance our platform’s feature-set and improve our professional services capabilities to ensure we can help our customers protect personal data at the highest level while conforming to the data protection legislation.

We’re taking the proper steps and making the appropriate commitments to ensure we fully adhere to the GDPR by:

  • Updating contractual clauses to ensure they include GDPR requirements
  • Signing the European Commission’s Model Contractual Clauses (if required)
  • Performing ongoing staff training to ensure a firm understanding of the upcoming legislation
  • Hiring a Data Protection Officer to oversee data protection and ensure GDPR compliance
  • Participating in the Privacy Shield program to address current EU data protection legislation
  • Developing a data protection exhibit to ensure data transfer is easy, safe, and compliant
  • Finalizing the release of additional technical and administrative measures to secure data

 

Got any questions about how we can help you achieve GDPR compliance? Contact us today!

Scott Regan