The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR), which will be effective from May 25, 2018. Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed of. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU. Any organization that works with EU residents' personal data in any manner, irrespective of location, has obligations to protect the data. Bulksign is well aware of its role in providing the right tools and processes to help its users and customers meet their GDPR mandates.
At Bulksign, we have always honored our users' right to data privacy and protection. We have never served ads to our users, and never will. We do not serve ads even to customers using the free editions of our products. This means that we have no necessity to collect and process users' personal information beyond what is required for the functioning of our products.
Over the years, we have demonstrated our commitment to data privacy and protection by meeting the industry standards for ISO 27001 and SOC 2 Type 2. We already have strong Data Processing Agreements, and we are revising them to meet the requirements of the GDPR. We recognize that the GDPR will help us move towards the highest standards of operations in protecting customer data.
How is Bulksign implementing GDPR?
We understand that meeting the GDPR requirements will take a lot of time and effort. And as your partner, we want to help you make your process as seamless as possible, so that you don't have to worry about compliance and can focus more on running your business. Some of our product enhancements are about to make it easier for you to:
Provide access controls
Encrypt, anonymize or delete user data
Perform data audits or assessments using data processing logs
Create provisions for data subjects' rights
Enhance security for user data
What should you do to be GDPR-ready?
If you are just getting started with GDPR compliance in your organization, here's a quick to-do list to keep in mind:
Create a data privacy team to oversee GDPR activities and raise awareness
Review current security and privacy processes in place and, where applicable, revise your contracts with third parties and customers to meet the requirements of the GDPR
Identify the Personally Identifiable Information (PII)/Personal data that is being collected
Analyze how this information is being processed, stored, retained and deleted
Assess the third parties to whom you disclose data
Establish procedures to respond to data subjects when they exercise their rights