What is the GDPR?
In 2016, the European Commission approved and adopted the new law on the General Data Protection Regulation (GDPR), which came into force on May 25, 2018. The GDPR imposes strict rules on organizations of all sizes on how they regulate the personal data collected by them. It applies both to European organizations that process personal data of individuals in the EU, and to organizations outside the EU that target people living in the EU. These regulations concern data controllers as well as data processors.
Failure to comply with the GDPR may result in significant fines of up to 20 million EUR or up to 4 % of your company’s global turnover of the preceding financial year, whichever is higher.
What does Dataleon put in place in order to comply?
Data Protection Officer:
We have appointed a Data Protection Officer (DPO) to monitor all activities on data collection and use. The DPO is in charge of training and educating Dataleon internal teams to maintain the standards required by the GDPR in terms of security and confidentiality. The DPO must also report any non-compliant activity. You can contact our DPO at firstname.lastname@example.org for any question or request to create / update / delete your data.
You can to contact our DPO at email@example.com for any question or request to create / update / delete your data. You are also can manage all your and your participants’ personal data from your account.
Security & faults
Our team is doing everything to strengthen our security policies to be in compliance. Here is what we are already doing in this direction:
- Data encryption
- Database backups
- Database encryption
- Using HTTPS when encrypting data between client and server
- Databases in the EU
- 2FA authentication and role management for data access
- Computer encryption
- Systematic implementation of secure passwords
- Safety training
- 24/7 response time in case of emergency
Dataleon uses various third-party tools for marketing, statistical and functional purposes. You can request access to our inventory to find out who these third parties are, their compliance and the data we collect. All these third parties comply with the GDPR and have signed a data protection agreement with us.