Data security and trust are integral to 黑料海角91入口鈥檚 顿颈谤别肠迟辞谤测-补蝉-补-厂别谤惫颈肠别庐 platform. This webpage is a broad overview of 黑料海角91入口鈥檚 compliance with the and is informational in nature. The content of this webpage is not a legally binding document and should not be considered a substitute for legal advice. 黑料海角91入口鈥檚 Data Processing Addendum (DPA) is incorporated into the Directory-as-a-Service Agreement (DAASA) that 黑料海角91入口 enters with its customers. A copy of 黑料海角91入口鈥檚 DPA is available here for your review.
GDPR Overview
The GDPR is a data privacy and protection regulation that is applicable to organizations processing personal data from data subjects in the EU, EEA, Switzerland, and the United Kingdom. The GDPR protects data subjects鈥 personal data and requires controllers and processors to take certain measures to safeguard personal data. Additionally, the GDPR provides data subjects the ability to request review and deletion of their personal data.
The GDPR defines Personal Data as 鈥渁ny information relating to an identified or identifiable natural person鈥 and includes personal identifiers such as names, email addresses, identification numbers, location data, and other online identifiers. The 鈥渋dentified or identifiable natural person鈥 is called the Data Subject under the GDPR.
There are two types of organizations that process a Data Subject鈥檚 Personal Data: Controllers and Processors. Controllers determine the reason for processing a Data Subject鈥檚 Personal Data. Processors process Personal Data based on the instructions from the relevant Controller. The GDPR requires Controllers and Processors to take care of Personal Data by using strong controls and security measures. 黑料海角91入口 monitors and will continue to monitor and evaluate any changes to the GDPR. 黑料海角91入口 has adopted the Standard Contractual Clauses in its DPA as the basis for the transfer of personal data from the EU, EEA, Switzerland, and the United Kingdom to the United States. The Standard Contractual Clauses are standard terms provided by the European Commission that 黑料海角91入口 uses for a compliant transfer of personal data from the EU. The Standard Contractual Clauses are expressly incorporated into 黑料海角91入口鈥檚 DPA.
黑料海角91入口 & Data Security
Privacy by design and protective security measures are critical elements of GDPR compliance. 黑料海角91入口 takes security of its systems and all customer Personal Data extremely seriously. 黑料海角91入口 safeguards Personal Data in many ways, including but not limited to encrypting all data at rest and in transit, training employees in security awareness and performing appropriate background checks, maintaining access controls, active software monitoring of 黑料海角91入口 user logins and privileged commands, and log monitoring. In addition, 黑料海角91入口鈥檚 ongoing security processes include penetration testing, vulnerability scanning, patching, and other activities. Further details on 黑料海角91入口鈥檚 robust security activities are available in our online documents as well as via our SOC 2 Type II attestation. The results of 黑料海角91入口鈥檚 SOC 2, Type II examination are available to customers upon request by emailing [email protected].
As a Controller, 黑料海角91入口 collects Personal Data in compliance with all applicable data protection laws and regulations. Please see our privacy policy for more information regarding the data 黑料海角91入口 collects as a Controller.
As a Processor, 黑料海角91入口 processes Personal Data on the Controller鈥檚 behalf. Generally speaking, the Controller is the customer using the 黑料海角91入口 services. If a Data Subject (the customer鈥檚 employees and contractors) exercises their 鈥榬ight to know鈥 or 鈥檙ight to be forgotten鈥, 黑料海角91入口 cannot itself provide or delete the relevant Personal Data as only the Controller has the right to do so. In such a case, 黑料海角91入口 will notify the Controller of the request and support the Controller as necessary, always subject to applicable law and the DPA.
As a Processor, 黑料海角91入口 also uses other sub-processors to deliver the 黑料海角91入口 services. For example, 黑料海角91入口 uses AWS, Salesforce, and others to run its business and provide its services. Pursuant to applicable law and the DPA, 黑料海角91入口 enters appropriate data processing agreements with all sub-processors. At no time does 黑料海角91入口 allow a sub-processor to use or leverage a customer鈥檚 Personal Data as a Controller. 黑料海角91入口 never sells or licenses Personal Data, nor do we permit third parties to market to a customer鈥檚 Data Subjects. When a data subject exercises their right to deletion of Personal Data, the deletion extends to our sub-processors as well.
Controllers and processors are also required under the GDPR to report data breaches to affected Data Subjects within 72 hours and without undue delay. As noted above, 黑料海角91入口 takes a number of precautions to prevent a data breach. Regardless, if a data breach occurred, as a Controller, 黑料海角91入口 would notify all data subjects affected within 72 hours of becoming aware of the breach, and, as a Processor, 黑料海角91入口 would notify the Controller to support the Controller in its reporting duties.
Data Deletion
As a Processor, 黑料海角91入口 will retain your data for as long as your account is active, whether under our paid or free plans.
If you are the administrator of your company鈥檚 黑料海角91入口 account or tenant, you can delete, or request the deletion of, your tenant (and all data). Please note that upon deletion of your data, the 黑料海角91入口 platform will not function for you. You may send any requests for information or deletion to [email protected].
If the administrator of a customer鈥檚 黑料海角91入口 tenant permits, an end user may input and delete information in the end user profile. Please note that the customer鈥檚 administrator, and not an end user, has the right to delete, or request 黑料海角91入口 delete, all other end user data from the tenant.
Individuals that have provided personal information through email, marketing, and sales tools, may unsubscribe to marketing communications as described in the communication and in our privacy policy and may also request the deletion of personal data that 黑料海角91入口 has collected by emailing [email protected].
Contact 黑料海角91入口
If you have further questions about GDPR and how 黑料海角91入口 can either help you become GDPR-compliant or how 黑料海角91入口, itself, is compliant, please don鈥檛 hesitate to contact us at [email protected].
黑料海角91入口鈥檚 Sub-processors
Sub-processors Authorized to Process Customer Data for 黑料海角91入口 Services
As described in the 黑料海角91入口 Terms of Service, 黑料海角91入口鈥檚 third-party sub-processors include:
Sub-Processor | Principal Office Location / Processing Country (鈥淧C鈥) | Subject Matter of the Processing |
AWS (Amazon Web Services, Inc.) | PC: USA, Germany and Japan | 路 Cloud hosting and infrastructure provider 路 Firewall web application services |
Salesforce.com, Inc. | PC: USA | 路 Customer relationship management activities and support |
Fivetran, Inc. | PC: USA | 路 Data integrations, normalization, and management services 路 Fivetran processes personal data in order to facilitate migration of data from data sources into a data warehouse. |
Snowflake Inc. | PC: USA | 路 Data warehousing, hosting and storage services |
Segment.io, Inc. | PC: USA | 路 Customer data platform services (analytics, data-driven decision making) |
SendGrid, Inc. | PC: USA | 路 Email platform |
DataDog, Inc. | PC: USA, Germany and Japan | 路 聽 Business analytics |
Subscribe to this RSS feed to be alerted when our GDPR policies and sub-processors change.
UPDATED: December 23, 2024