GDPR Compliance


General Data Protection Regulation is here. Time to gear up

 

What is GDPR?


The GDPR, which went into effect on May 25, 2018, replaced the 1995 EU Data Protection Directive.

The GDPR lays out specific requirements for businesses and organizations who are established in Europe or who serve users in Europe. It:

  • Regulates how business can collect, use, and store personal data
  • Builds upon current documentation and reporting requirements to increase accountability
  • Authorizes fines on businesses who fail to meet its requirements

 

What is MindFlash Doing?

 

We’ve studied the GDPR, understand the 11 principles, and have taken measures to ensure we are complying with law.

  • MindFlash expects our employees to treat customer data as their own. We train our employees on proper handling of personal data and monitor those actions.
  • We have reviewed our vendors that act as sub-processors to ensure they take the appropriate security measures to protect customer data and are in compliance with GDPR.
  • Data Processing Addendum (DPA): In conjunction with our Customer Agreement and the acceptance of our Privacy Policy, we may provide a customer with a copy of our standard DPA.
  • Insurance Policies: MindFlash holds comprehensive Cyber Insurance policy to protect us and our customers from cyber dangers.

 

Our Sub-Processors