You may have heard of the changes to the European Union data protection law that become effective on May 25, 2018. Known as the General Data Protection Regulation (GDPR), its purpose is to harmonize data protection laws across the EU, give people in the EU enhanced rights to their data, and require businesses to meet certain technical and organizational standards about how they collect and process personal information.
Steps Databook is taking to improve data privacy and security
- We are registering for the EU-US Privacy Shield and the Swiss-US Privacy Shield to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
- We are offering a Data Processing Agreement (DPA) for enterprise clients to sign. Our DPA shares our privacy commitments and sets out the terms for Databook and our customers to meet GDPR requirements.
- We are reviewing all the third-party service providers who help us deliver our service and we are checking their plans for GDPR compliance. We are putting in place appropriate, GDPR-ready agreements with our service providers.