GDPR Security
Introduction
The General Data Protection Regulation (the “GDPR”) went into effect on May 25, 2018. The regulation harmonizes the patchwork of privacy regulations currently in effect around Europe. The regulations help people stay in control of their information, and UtilizeCore agrees with this principle. UtilizeCore does not sell customer data or use it for anything other than helping Service Managers. GDPR requires that companies take security and privacy seriously. It also requires transparency about how data is stored, moved, and processed. Companies must allow data subjects to control their data, and EU residents can ask for their data to be corrected, deleted, or exported. Companies need to document how they bulk process their customers’ information. They must enforce policies to protect that data, and for larger data processing operations, they need to have a Data Protection Officer with the power to control how data is processed and protected. Like the laws currently in effect, the GDPR defines when it is okay for companies to move data out of the EU.
UtilizeCore has worked with world-class legal, privacy, and cybersecurity consultants to audit its products and processes for GDPR compliance. In accordance with the regulation, we have balanced the need for security and data privacy protection with the legal, contractual, and commercial requirements of service managers.
Contract Updates
The GDPR requires that data controllers define how data processors use the data they get from controllers. UtilizeCore has updated its Master SaaS Agreement, which provides the necessary information and includes the required components for GDPR, including standard contractual clauses for international data transfers.
What is the GDPR Status of our products?
UtilizeCore is GDPR ready. UtilizeCore has a privacy policy located at click here.
The UtilizeCore Privacy Policy is located at click here.
Disclaimer
We cannot cannot give you legal advice and ultimately you are responsible for your compliance to all laws. This FAQ represents a dedicated effort, working with world-class counsel and consultants, to understand GDPR and its impact on service management.