The General Data Protection Regulation (GDPR) took effect on May 25th, 2018. The regulation expands upon and replaces the EU Data Protection and Privacy rules with a more comprehensive framework that dictates how the personal information of EU data subjects is used, stored, transmitted and protected, and codified EU data subjects’ rights regarding that data. The GDPR also requires that businesses share with the EU data subject how personal data is being handled; respond to certain data subject requests about that data; and handle such with proper security controls. The regulation also sets a standard for how that data is shared with other controllers and processors and sets guidelines for use or transfer of that information in countries with different laws and regulations regarding data use and transfer.
How PURPLE FALCON PARTNER adheres to the privacy standards of the GDPR
Our commitment to GDPR did not end on May 25th, 2018 as we are constantly improving our policies and procedures to adhere to the standard and to go a step further to ensure all data we collect is properly protected. The GDPR is not another checkbox for PURPLE FALCON PARTNER but a process of improvement of our Information Security program and the controls we have in place to ensure the data we collect is done so properly, our systems are tested and our employees are trained to understand the regulation and other data protection laws. The goal is not only to ensure we are GDPR compliant but to provide a better service to our users.
PURPLE FALCON PARTNER strives to be transparent with how we are collecting data regarding our customers and providing information to them on the data that we currently have. All our teams work to ensure that the data collected is only what is needed to provide the best service and utilizes data subjects’ information for the purpose of fulfilling those services only.
How does PURPLE FALCON PARTNER adhere to the GDPR?
PURPLE FALCON PARTNER reviewed its environment to determine how customer data is acquired and stored and made necessary adjustments to our policies, procedures and security controls. As PURPLE FALCON PARTNER works with clients around the world, we have worked to ensure that our current services adhere to the GDPR and we will apply what we learned to all future services we build.
Does PURPLE FALCON PARTNER comply with the data transference requirements of the GDPR regarding third parties?
Once PURPLE FALCON PARTNER collects a data subject’s personal information it avoids as much as possible sharing that information with any vendor, third party, contractor or other type of outside service. Once PURPLE FALCON PARTNER collects the personal information, it is stored in our systems and is not transferred outside of our network to any controllers or subprocessors without explicit permission from our clients. PURPLE FALCON PARTNER never sells personal data to other companies, and to the extent it is ever shared, it is only to complete the purpose for which the data was acquired.
Yes. Our Privacy Notice can be found here (https://www.measuredmind.ai/privacy-policy/) and outlines what actions PURPLE FALCON PARTNER performs on personal information and how that information is collected. The Privacy Notice also includes contact information where further questions and concerns can be addressed.
How can an EU citizen request to have their information removed or modified? Is there a process for viewing the information that PURPLE FALCON PARTNER has when request by an EU citizen?
Within the PURPLE FALCON PARTNER Privacy Notice there is an Enforcement section that provides contact information on how to reach us regarding any questions or concerns you may have on your data privacy within the GDRP directives. This same contact information can be used for questions related to data subject access requests, portability, erasure, etc.
How can a PURPLE FALCON PARTNER customer enter into a Data Protection Agreement (DPA) with PURPLE FALCON PARTNER?
As required by GDPR, PURPLE FALCON PARTNER’s data processing is governed by our privacy policies and DPA’s signed with our customers.
Workforce 2.0 and Beyond