Data Protection & Commitment to GDPR
Zed Technologies is fully committed to being compliant prior to the date GDPR goes into effect. We promise to safeguard your data.
Benefits of the GDPR
The regulation ecompasses steps to be taken in all areas of protecting an individual's privacy -- setting up security mechanisms, compliance, repercussions of breach and more. Non-compliance beyond the enforcement date, is liable to attract heavy penalties.
Committed to protecting our customers personal data, Zed Technologies is here to help customers and end-users understand significance of the GDPR, its requirements and our allegiance to comply by global standards.
Frequently Asked Questions
Any information relating to an identified or identifiable natural person ('data subject'). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as - name, email address or location, and also online identifiers like IP address, types of website cookies and other device identifiers.
For eg: Support tickets carrying personal data like name, location, social identity for purposes to record and solve an individual's support requests; CRM software collecting online identifiers to learn prospect activity on from the company website/product.
A data controller is the entity/person that determines purposes and means of processing personal data of the EU resident. For eg. Zed Technologies is a data processor and Zed Technologies customers are controllers of the EU resident's data.
The GDPR applies to both data controllers and processors. Controllers collect data from the end-user that is the EU resident, for purposes clearly stated and with appropriate consent. Data processors provide services to the controller in accordance with each controller's instructions. Processors also use data collected to perform benchmarking analysis, so that it can sell further services allowing controllers to compare their data to industry averages.
Another category called sub-processors or third-party businesses performing data processing for other companies are also accountable for protection of personal data, according to the GDPR.
The DPO is responsible for informing employees of their compliance obligations as well as conducting monitoring, training, and audits required by the GDPR. A DPO needs to be appointed if you:
- process large amounts of personal data
- carry out large scale systematic monitoring of individuals or,
- are a public sector authority
Yes, you can confidently continue with all Zed Technologies products as we are currently in the process of achieving compliance. The regulation approved by the EU parliament in April 2016 provides businesses an adapting period of 2 years until the enforcement date of May 2018. Preparing for GDPR is a company wide challenge involving large amount of time, resources and expertise. Zed Technologies is working towards it and will be GDPR compliant by May 2018.
The GDPR helps restore consumer trust by acting as a central authority governing rules of data protection and rights across the EU. The new law allows businesses to undertake opportunities in the digital market while protecting an individual’s fundamental rights.
Businesses can capitalize on opportunities through:
- Cost savings and less complicated policy management by dealing with 1 law, not 28. This otherwise required expenses and efforts dealing with regulations for each member state locally.
- Consistency in practice of data protection measures both in and outside the EU. This is because the same regulation applies to all businesses, regardless of where they are based out of.
- The regulation enables innovation to flourish under the new law.
Individuals have the right to have their personal data deleted, in the event that it is no longer needed. ‘Right to be forgotten’ is in support of - freedom of expression.
No, the GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on transfer of personal data outside the EU.
Data transfers from the EU to outside can be legitimized in many ways including
- EU-US Privacy Shield
- Model or Contractual clauses
- Binding Corporate Rules (BCR)
Data protection by design means, ensuring only that personal data which is required is collected, and also incorporate privacy features and functionality into products and services from the time they are first designed.
Data protection by default means, businesses must implement appropriate measures to mitigate privacy risks at the time of collection of the data, as well us by extending it at the time of processing it.