Hello, my name is Brian Rutledge. I’m the Principal Security Manager here at Spanning Cloud Apps, and today, we’re going to be talking about the General Data Protection Regulation (better known as the GDPR), what it does, and answering some questions from our customers.
The GDPR is the latest legislation to come out of the European Union that deals directly with data privacy. Any company that processes EU citizen data will have to comply with this regulation. With that, let’s get to some of our questions. First off:
Is Spanning GDPR compliant?
The answer is a resounding yes! Spanning has been compliant since early 2018.
Does Spanning have a Data Protection Addendum (or DPA) in place?
The answer again is yes. We have a pre-signed DPA for any customer that requires it, which also includes standard contractual clauses for those that require it.
How does Spanning deal with cross-border transfers of data?
Last year, Spanning was certified with the EU-US and Swiss-US Privacy Shield, and also conforms to articles 44 – 46 of the General Data Protection Regulation. We work with our customers to ensure that their data stays within the European Economic Area and is never transferred out without their expressed permission.
What resources does Spanning have available to its customers?
We have a DPA in place, as stated previously. We have compliance information in our GDPR blogs. We also have secure mechanisms for data subject’s requests.
Lastly, if you have any questions about GDPR or compliance, please reach out to me at [email protected] Thanks.