General Data Protection Regulation

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy. Key articles of the GDPR and information on its business impact can be found here.

Following, please find a brief overview of some key features and processes we have put in place to support GDPR compliance. This overview is not meant to be legal advice, it is not meant to assure your organization is in compliance with GDPR regulations, and it is not meant to serve as a checklist of comprehensive GDPR compliance. Rather, this brief overview helps illustrate our standard operating procedures around some key components of the GDPR regulation that we feel will be most applicable to our customers, partners, and prospects.

Lawfulness of Processing

Requirement: SCTG will need to have a lawful reason to use your data. Lawfulness of Processing may be enacted via consent, via notice and/or via execution of a contract (e.g. becoming a customer or partner).

Remedy: SCTG has added the ability to track and audit the grant of Lawfulness of Processing within our CRM and Marketing platform. Effective 25 May 2018, all new records created will be in compliance with this requirement. If your record was created prior to 25 May 2018, we will make a best effort to provide you with this information.

Consent

Requirement: SCTG shall be able to demonstrate that you have consented to the processing of your information for business communications.

Remedy: SCTG has defined processes for the ability to respond to requests for consent verification. Effective 25 May 2018, all new records created will be in compliance with this requirement. If your record was created prior to 25 May 2018, we will make a best effort to provide you with this information.

Withdrawal of Consent (Opt-Out)

Requirement: SCTG shall be able to illustrate which communications you have provided consent to receive and provide the ability for this consent to be withdrawn upon your request.

Remedy: SCTG has defined processes for the ability to Opt-Out of business communications in part or in total.

Rectification

Requirement: SCTG shall be able to provide you with verification of any incomplete or inaccurate personal data upon request.

Remedy: SCTG has defined processes for rectifying incomplete or inaccurate personal data, upon request.

Access & Portability

Requirement: SCTG shall be able to provide you with the personal data you have provided to SCTG in a structured, commonly used and machine-readable format.

Remedy: SCTG has defined processes for providing individuals with the personal data they have provided to our company in a structured, commonly used and machine-readable format.

Right To Be Forgotten

Requirement: SCTG shall be able to permanently delete all personal data the company has about you including, but not limited to, emails, call records, support ticket submissions, etc.

Remedy: SCTG has defined processes for permanently deleting all personal data the company has about an individual including, but not limited to, emails, call records, support ticket submissions, etc.

However, certain personal data may be retained if such data is required for execution of the contract between the individual, the individual’s company and SCTG.

Still need help? Send us a note!

There are many more requirements within the GDPR legislation. As an EU citizen, should you or anyone in your organization have any questions, please contact us:

SCTG Legal Department
111 W. Jackson Blvd. Ste. 1600
Chicago, IL 60604 USA
privacy@servercentral.com

SCTG

111 W. Jackson Blvd #1600
Chicago, IL 60604

© 2019 ServerCentral Turing Group