The General Data Protection Regulation (GDPR) is a new EU Regulation, related to protection of personal data due to take effect on 25th of May 2018. The goal of GDPR is to protect the rights of EU citizens to data privacy and to ensure transparency, security and accountability by data controllers and processors. Simply speaking it will give every EU citizen the right to know what, why, where and when their data is being used as well as a new right 'to be erased or forgotten’.
GDPR will expand on the already existing EU Data Protection Directive's eight principles:
GDPR's main goal is to protect the rights of EU citizens to data privacy and to ensure transparency, security and accountability by data controllers and processors. (International Association of Privacy Professionals.)
Data Subject - A person who lives in the EU.
Data Controller - An individual or organization who collects, stores, processes and decides what to do with personal data.
Data Processor - A individual or organization that processes personal data on the instructions of the Data Controller.
Data Processing - The carrying out of operations on data.
Data Protection Officer - The Data Protection Officer (DPO) is responsible for ensuring organizations are complying with GDPR requirements.
Personal Data - Any information relating to natural person directly or indirectly such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.
Sensitive Data - Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person.
FieldCloud’s dedicated team are in the process of reviewing and expanding on existing policies ahead of GDPR. As a data controller and data processor, FieldCloud understands its responsibilities and is working with our legal team to ensure we adhere to all the regulations and are taking the correct steps forward in implementation. We are actively working on the following steps:
Reviewing personal data & policies - We’re in the process of reviewing all personal data stored within our application, expanding on our processes and policies that are currently in place and documenting everything that is necessary.
Consent process - We are working on enhancing the process of obtaining and recording of a valid consent at every contact point. We will continue to ensure our customers data is well protected and privacy is at the core of our business.
Right to be forgotten - We are implementing steps to fully erase personal details upon individual’s requests.
Security and Data transferability - Data security is at the core of FieldCloud and as we prepare for GDPR we will continue to ensure the data transfer to and from our server and other cloud applications will remain secure and protected from unauthorized access.
Multi-server infrastructure - We are working on adding new servers in various geographical zones including EU. Keeping your data closer to your physical location will improve your connectivity, access speed as well as provide more reliable service. (This will be done in two phases; the first phase will be for new accounts and the second will be for existing customers).
We have outlined a number of actions you should consider, however you must implement your own due diligence and comply with regulations on how you collect and use personal data.
In the case of a data breach, CRM users are treated as data controller and it's within your responsibility to notify the supervisory authority within 72 hours as well as in some cases, affected data subjects. If you fail to comply with GDPR rules, you could be penalized up to €20 million or 4% of annual turnover.
This website is to be used as a point of reference and is not providing legal advice for any company to use in laws such as GDPR. Instead, it provides information to help better understand how FieldCloud is working to becoming GDPR compliant. It’s important you seek your own legal advice for your own specific business.
Reporting & Analytics
B2l Mobitech Pvt Ltd,
© B2l Mobitech Pvt. Ltd. All Rights Reserved.