The General Data Protection Regulation (GDPR) was passed by the EU Parliament in April of 2016. Replacing the Data Protection Directive from the 90s, it's the biggest overarching legislative change in data privacy regulation to take place in the last 20 years. In short, GDPR was created to standardize data privacy laws throughout Europe and to put greater protection on the data privacy of EU citizens.
A full list of all the key GDPR changes can be found on the EU GDPR website.
The EU-U.S. Privacy Shield continues to be one valid way to ensure adequate safeguards are in place for personal data transfer from the EU to the U.S. The EU model clauses also remain a valid mechanism to lawfully transfer personal data. Zugata offers our EU/EEA customers a Data Processing Agreement that incorporates the model clauses.
Zugata enables you to fulfill any access or portability request by easily exporting all of the user's data in a machine-readable format from the admin portal or from the user's profile.
If someone asks you to change her information, you can do this through the admin portal.
You will be able to perform a permanent delete of a user and all her data through the admin portal.
Zugata won't need to appoint a designated DPO (we are not a large company), but a trained team member (our CTO) is responsible for data protection matters as part of their role.
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Zugata has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to firstname.lastname@example.org or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.
Zugata is ISO27001:2013 certified and data security has always been our priority.
Procedures are in place to detect, investigate and report on personal data breaches within 72 hours of becoming aware of them.
We perform vendor risk assessments and verify our vendors' GDPR compliance.