What are the actions that InfiSync is taking to comply with GDPR?
InfiSync is dedicated to meet all the GDPR requirements and is committed towards protecting the privacy concerns of our app users, website and blog visitors.
Out checklist for GDPR compliance before the regulation comes into effect:
Task | Status |
---|---|
Familiarize ourselves with the full text of the regulation. | COMPLETED |
Refer legal communities that cover GDPR related topics. | COMPLETED |
Nominate Data Protection Specialist: We've nominated our Chief Information Officer for the role. Email: [email protected] | COMPLETED |
Make necessary changes to our Privacy Policy and Terms of Service documents. | COMPLETED |
Make a list of all the in-app areas that need to be managed and organized to comply with the regulation | COMPLETED |
Make a list of all the areas on the website and blog that need to be updated to get in-line with the regulation | COMPLETED |
Execute changes on the website and blog to make sure they are in-line with the GDPR rules | COMPLETED |
Implement pseudonymization to protect the user's data which do not have a compulsion to be kept in its original form | COMPLETED |
Ensure protection of personal data of InfiSync users | COMPLETED |
Create a standard Data Breach Response plan | COMPLETED |
Role of InfiSync in data protection?
InfiSync is defined as:
1) data administrator in relation to InfiSync users and businesses;
2) data processor in relation to the data owners whose personal data is uploaded to InfiSync and used in reports by its users. It implies that as a company, we superintend a couple of matters:
InfiSync needs to update its users and businesses whenever a third party takes part in processing their personal data.
InfiSync is liable to immediately inform the data administrator (the user) in case someone from the user's organization, contacts InfiSync to stop the outreach.
InfiSync permits the ‘right to be forgotten' and the ‘right to assist in data deletion' on a special request. As InfiSync user or administrators, you may request your personal data change or deletion. The detailed instruction on how to exercise those rights can be found below in the section Adequacy, relevance, limitedness of the GDPR Compliance.
InfiSync will address any violation of GDPR reported at [email protected]
What is GDPR?
The General Data Protection Act (GDPR) is being introduced by the European Union to regulate how personal data can be processed. Its goal is to ensure data protection of the people who live in the EU.
Why is there a need for GDPR?
EU data protection rules have not been changed over last two decades. There are two main reasons why the EU legislative branch decided to upgrade the existing regulations.
The reach of technology is global in today's era – personal data processing is present everywhere in today's digital world making existing regulation outdated;
According to a survey taken by Eurobarometer in 2011, 75% of people want to exercise their right to be forgotten. 90% believe that it's necessary to standardize the rights related to personal data protection (source).
Kinds of information under protection?
The scope of GDPR covers natural persons and their rights. It excludes business entities or organizations and processing of their data.
It protects processing of below mentioned personal data:
- Name
- Age
- Address
- Phone number
- Company Name
- Job title
Also indirect identifiers including physiological, mental, physical, genetic, economic, cultural and social identity. Hence, it protects any information using which one can identify the individual.
What does ‘processing' mean?
‘Processing' relates to personal data “collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction,” as in Article 4 (2) of the regulation.
Lawful basis for data processing
Processing personal data, in compliance with GDPR, requires one to follow the principles below:
Lawfulness Fairness Transparency Adequacy Relevance Limitedness Accuracy Storage Limitation Integrity Confidentiality.
Here is how InfiSync falls in line with these principles and what all you should know to use InfiSync in accordance with GDPR.
Lawfulness, fairness, and transparency
Being a Data Processor, InfiSync remains clear and fair when processing data of its subscribers and users. On completing the signup process, every InfiSync user and subscriber receives notification that the personal data they provide will be processed in ways specified by Terms of Service and Privacy Policy.
As data administrator, users must ensure that their actions have a clear and legitimate purpose to it. It is a must to have a valid reason to process personal data of EU citizens. One should also be able to explain the entire process of collecting the required data.
Adequacy, relevance, limitedness
InfiSync only processes the data necessary with respect to the purpose of the of the objective and does not collect any sensitive data such as gender, ethnic background, race, political views, etc.
A given user data is processed till the user has a InfiSync account, or they report a request to avail their right to erasure, which initiates a process to removes their data from our user base.
InfiSync processes its users from the moment they submit their consent for it and is processed until a user requests to be removed from the same.
How InfiSync users can change or remove their personal data?
- Account administrators can delete users from the account
- Uploaded videos can be managed and deleted from My Contents
- Terminated accounts are retained for 30 days to assist with service reactivation. After 30 days have passed the account is permanently deleted
InfiSync users can edit their account name or change their password by visiting “My Profile” section in the web app, after logging in. To request deletion of their data, a user can contact the support team at [email protected].
Our support team is available 24X7 in case you need any help. For any queries email us at [email protected] to get instant help.