We’re rapidly approaching the GDPR enforcement deadline of May 25th, and ExaVault has been busily working over the last several months to provide you with GDPR-compliant services. For those of you who are impacted by the GDPR regulations, we’ve got an update to let you know what we’re doing to support your efforts.
General Data Protection Regulation
GDPR (General Data Protection Regulation) is a law passed in the European Union and the UK, to strengthen controls that individuals have over their data and their right to privacy. Enforcement penalties come into play beginning in May 2018, and it requires greater controls by companies who control and process personal data.
ExaVault’s steps to ensure we’re GDPR-ready include:
- ExaVault is Privacy Shield certified. By complying with the Privacy Shield Principles, we can lawfully collect, receive, and process personal data from the EU in the US.
- We are putting the finishing touches on our GDPR-compliant Data Processing Agreement for ExaVault’s processing of personal data under the GDPR on behalf of its customers. If your use of ExaVault requires us to process personal data within the scope of the GDPR, ExaVault’s GDPR Data Processing Addendum will become available shortly under a revised Terms of Service.
- Vendor agreements review: To ensure that our customers’ personal data is protected, we are reviewing our vendor agreements and making sure GDPR-compliant terms are in place with service providers who process GDPR personal data on our behalf.
- We’ve been conducting internal reviews of our data and security systems to ensure our internal documentation and policies are in line with GDPR principles.
- We are putting additional technical safeguards in place to ensure even higher levels of protection for data.
- ExaVault has defined processes to make sure that we are able to respond to any data subject requests that we may receive.
- We are currently evaluating our Privacy and Terms of Service and making needed updates.
GDPR-Compliance & the Future
We’ll make another announcement shortly when the Data Processing Agreement is available. *April 2018 – Our Data Processing Addendum is available. View and download as needed for your records.
We think GDPR is critically important to the future of online file sharing, and we look forward to sharing more details on GDPR and our work to help you remain GDPR-compliant.
If you have any questions about our GDPR preparation, please reach out to us at firstname.lastname@example.org .