No doubt you’ve heard about the General Data Protection Regulation (GDPR), the new European Union data privacy and protection law that strengthens and expands the privacy rights of EU citizens. At Routific, we advocate strongly for the protection of personal data and we want to share with you some of the steps we’re taking to comply with this new regulation.
How does GDPR apply to Routific?
Under the GDPR, organizations are recognized as data controllers, data processors, or both. The requirements differ depending on your role in the data collection and handling process. Routific is both a data controller (of data about our customers) and a data processor (of our customers’ data). Any Routific customers managing the data of EU citizens are also data controllers, with Routific acting as one of their data processors.
The GDPR has defined comprehensive data protection principles to standardize how data is collected and processed across countries. These include clarification around what constitutes “personal data”, requirements for explicit user consent to collect their personal data, standardization around the security of personal data, and the expansion of user rights with respect to their personal data and the “right to be forgotten”.
Routific has been working hard with GDPR experts to understand its requirements and their implications and is committed to continuously improving our data practices.
What is Routific doing?
Below are some of the steps that we’re taking as part of our GDPR compliance plan:
- Security and Data Audit: We’ve conducted an audit on the data we collect and the security of said data, to ensure that we are only collecting necessary data and that the data is sufficiently protected. We’ll be regularly reviewing our data and security policies to stay current with changes in regulation.
- Data Access, Portability, and Deletion: Want to see the data we have on you? Want us to get rid of that data? No problem just let us know, we want to make that as easy as possible for you and are currently streamlining that process.
We believe that GDPR is a great step in the right direction, and perhaps most beneficial is the increased discourse surrounding the protection and use of personal data. We’d love to hear from you if you have any questions or comments about our data policies.