GDPR and binding controls

On 27 April 2016, the European Union adopted the EU General Data Protection Regulation (“GDPR”),which will replace the current EU Directive 95/46/EC and will enter in force on 25 May 2018. The GDPR introduces new requirements for all companies processing personal data of individuals located in the European Economic Area (“EEA”). Among others, the GDPR requires companies, like you and Perseuss, to include specific provisions in their data processing agreements and to clarify their respective roles and responsibilities when handling personal data.

In addition, Perseuss is pleased to announce that it has implemented a set of Binding Controls (BC), recognized as providing an adequate level of protection to the personal data we process globally.  To that end, Perseuss must reflect the BC requirements into all our agreements with you.


Set up a Data Processing Register

The Data Processing Register of Perseuss lists all the Data Controllers, Contact information, Lawful Processing Grounds, Data Subjects, Personal Data elements, Third Parties, Retention Periods that apply to us as business.

Documented the PII Data Flows

Our data flows detail & visualize all Personal Identifiable Information that is processed within Perseuss and/or its Systems.

Lawful processing of personal data / Link (personal) data with the purposes for which it has been collected

As a data processor we have listed the law-full processing grounds for each customer.

Strengthened contractual requirements & Updated Data Processing Agreements

Based on the GDPR requirements we have updated our contracts including our Data Processing Agreements

Implement Privacy & security by design (& by default) requirements

Our systems were built on the concepts of security & privacy by design (hashing etc.). For the GDPR we have implemented additional controls to further strengthen our organization.

Stricter Data Processing Agreements with external service providers

Although Perseuss has kept its external service providers to a minimum for security & privacy reasons. We also have reflected the stricter GDPR requirements up to our supplier contracts.

Updated Privacy Policy (GDPR compliant)

On our website(s) we have updated our Privacy Policy and added a GDPR FAQ.

Updated processes & systems to meet Data Subjects Rights (Object, Change, Remove)

Our systems have been updated so we can support & register any Data Subject performing it's Rights under the GDPR.

Support for conducting data protection impact assessments

To support our data controllers and for Perseuss as a data processor we are prepared to assist in performing Privacy Impact Assessments.

Appoint data protection officer

We have a appointed a specific role in our organization for our data protection efforts.

If you want to find out more about the GDPR, please visit this website.

© copyright 2022 - Perseuss
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.