What is GDPR?

 

The General Data Protection Regulation (GDPR) is a regulation that establishes new requirements for the protection of Personal Information of residents of the European Union (EU). It went into effect on May 25, 2018.

 

What is Personal Information?

 

Any information that can be used to identify an individual. Examples include email addresses, phone number or an IP address.

 

Does GDPR apply to you?

 

The GDPR applies to you if your organization is based in the EU or if it processes the Personal Information of residents of the EU to offer products or services. Simply put, if you do business in the EU, GDPR applies to you.

 

How does eFileCabinet comply with GDPR?

 

N

Security and Privacy are the bedrocks on which eFileCabinet has been and will always be built. eFileCabinet products are designed to put the utmost importance on the protection of your private data.

N

eFileCabinet gives you full control of your content and ways to access it.

N

The GDPR does not require that Personal Information and data remain in the EU.

N

eFileCabinet has certified its compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. These frameworks permit the transfer of data across EU borders and the data can be hosted and processed under the GDPR.

N

We have updated our Privacy Policy to reflect these changes and meet the requirements of GDRP.

What is required of you?

 

If you do business in the EU and are responsible for collecting data and determining how it is processed (a “data collector”), you should consider the following points:

 

N

You must enter into an agreement with any entity that handles the data (“data processor”). A data processing agreement (DPA) is an between the data controller and the data processor that sets the terms on how they will both meet the requirements of GDPR. You can request a DPA from eFileCabinet by emailing the Data Privacy Team (privacy@efilecabinet.com).

N

Ensure that the systems you use, including eFileCabinet, are setup in a way to meet your privacy, security, and compliance needs.

N

You should ensure that that any data processors with which you do business are prepared to meet the requirements of GDPR.

N

As the data controller, it is important to remember that you have specific legal obligations to meet under GDPR.

For more information on the GDPR and your obligations, please visit https://ec.europa.eu/info/law/law-topic/data-protection_en

Disclaimer: The information in this site is intended to provide assistance to customers and not as a comprehensive solution or legal advise. Each organization should learn the GDPR requirements that apply to them and undertake their own steps to ensure compliance.