On 27 April 2016, the European Union adopted the EU General Data Protection Regulation (“GDPR”),which will replace the current EU Directive 95/46/EC and will enter in force on 25 May 2018. The GDPR introduces new requirements for all companies processing personal data of individuals located in the European Economic Area (“EEA”). Among others, the GDPR requires companies, like you and Perseuss, to include specific provisions in their data processing agreements and to clarify their respective roles and responsibilities when handling personal data.
In addition, Perseuss is pleased to announce that it has implemented a set of Binding Controls (BC), recognized as providing an adequate level of protection to the personal data we process globally. To that end, Perseuss must reflect the BC requirements into all our agreements with you.
The Data Processing Register of Perseuss lists all the Data Controllers, Contact information, Lawful Processing Grounds, Data Subjects, Personal Data elements, Third Parties, Retention Periods that apply to us as business.
Our data flows detail & visualize all Personal Identifiable Information that is processed within Perseuss and/or its Systems.
As a data processor we have listed the law-full processing grounds for each customer.
Based on the GDPR requirements we have updated our contracts including our Data Processing Agreements
Our systems were built on the concepts of security & privacy by design (hashing etc.). For the GDPR we have implemented additional controls to further strengthen our organization.
Although Perseuss has kept its external service providers to a minimum for security & privacy reasons. We also have reflected the stricter GDPR requirements up to our supplier contracts.
Our systems have been updated so we can support & register any Data Subject performing it's Rights under the GDPR.
To support our data controllers and for Perseuss as a data processor we are prepared to assist in performing Privacy Impact Assessments.
We have a appointed a specific role in our organization for our data protection efforts.
If you want to find out more about the GDPR, please visit this website.