What is GDPR?
Is the EU’s General Data Protection Regulation.
It unifies all EU member states´approaches to data regulation.
It protects EU citizens from organizations using their data irresponsibly and puts them in charge of what information is shared, where and how it’s shared.
IS NOT ONLY AN IT ISSUE, NOR ONLY A LEGAL ISSUE, IS A BUSINESS ISSUE
GDPR compliance requires cooperation between departments and functions which are not typically asked to collaborate.
For more information about GDPR please go https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en
What about StarMeUp?
Below you can find a list including (while not limited to the contained herein) some of the activities we perform and/or measures we take, to comply with GDPR in the implementation of StarMeUp:
- In terms of GDPR vocabulary, we are processors and our clients are controllers
- We have designated our DPO (Data Processing Officer)
- Our databases, backups and logs are encrypted
- We do not require more personal data than needed from our final users
- We have implemented cookies opt-in/opt-out.
- All our processes related with this normative are documented
- Final users can request their GDPR rights writing to their employer privacy contact and/or email@example.com.
- StarMeUp OS team members receive periodic training and must read, accept and sign an Employee Confidentiality Agreement.
- We offer a GDPR addendum to our contract for EU clients in order to detail DPO, processor and controller responsibilities, information collected by StarMeUp and operations that can be done with this information, personal data breaches notifications and security measures implemented (https://os.starmeup.com/en/personal-data-processing-appendix/).