Effective date: April 26th, 2019
Last updated: June 24th, 2019
The General Data Protection Regulation (GDPR), is a European privacy law approved by the European Commission in 2016 and will go into effect May 25th 2018. The GDPR will replace a prior European Union privacy directive known as Directive 95/46/EC which has been the basis of European data protection law since 1995. The GDPR is an attempt to strengthen, and modernize EU data protection law and enha
nce individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, and remove personal data. In a nutshell, it's giving EU citizens and residents control over their personal data while simplifying the regulatory environment for international business that takes place in the EU.
The Data Protection Principles include requirements such as:
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts it's simply the right thing to do. At Tability we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.
We offer a data processing agreement (DPA) for our customers who collect data from folks in the EU. Our DPA offers contractual terms that meet GDPR requirements and that reflect our data privacy and security commitments to our customers.
To guarantee no terms are imposed on us beyond what is reflected in our DPA and Terms of Service, we cannot agree to sign customers’ DPAs. As a small team we are unable to make individual changes to our DPA as we do not have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost-prohibitive for our team.
If you have any questions or concerns please let us know.
We've reviewed the GDPR-compliance status of our software vendors to ensure that they are adhering to the GDPR, including by signing Data Processing Addenda with those vendors where appropriate.
If you have any questions, please don't hesitate to reach out.