The General Data Protection Regulation (GDPR) was passed by the EU Parliament in April of 2016. Replacing the Data Protection Directive from the 90s, it's the biggest overarching legislative change in data privacy regulation to take place in the last 20 years. In short, GDPR was created to standardize data privacy laws throughout Europe and to put greater protection on the data privacy of EU citizens.
A full list of all the key GDPR changes can be found on the EU GDPR website.
The EU-U.S. Privacy Shield continues to be one valid way to ensure adequate safeguards are in place for personal data transfer from the EU to the U.S. The EU model clauses also remain a valid mechanism to lawfully transfer personal data. Zugata offers our EU/EEA customers a Data Processing Agreement that incorporates the model clauses.
Zugata will enable you to fulfill any access or portability request by easily exporting all of the user's data in a machine-readable format from the admin portal or the user's profile.
If someone asks you to change her information, you can do this through the admin portal.
You will be able to perform a permanent delete of a user and all her data through the admin portal.
Zugata won't need to appoint a designated DPO (we are not a large company), but a trained team member will be responsible for data protection matters as part of their role.
Zugata is ISO 27001:2013 certified, and data security has always been our priority.
Procedures are in place to detect, investigate and report on personal data breaches within 72 hours of becoming aware of them.
We perform vendor risk assessments and verify our vendors' GDPR compliance.