In 2016 the European Commission approved and adopted a new framework for European data protection law called the General Data Protection Regulation (GDPR). The GDPR requirements will become effective on May 25, 2018 and will affect all companies who process personal data of individuals in the EU.
Here at OnboardFlow we embrace the changes being brought in by this new regulation and see it as an opportunity to further improve how we communicate with you, use and share your data and fundamentally, how we place your privacy, security and rights at the forefront of everything that we do.
As both a data controller and processor, we have taken measures to ensure our compliance with the GDPR.
We have been working hard over the recent months to ensure compliance with the GDPR. Below is a high-level overview of the key activities we have performed:
Appoint a Data Protection Officer
Assess our product and business to determine areas impacted by GDPR
Conduct an internal audit to ensure that all third parties and suppliers used by OnboardFlow are GDPR compliant
Update our Terms & Conditions
Create a dedicated page to document our GDPR activities and compliance
Create a dedicated page to outline how we secure our customers data
Communicate our compliance with our customers
Our server infrastructure is hosted by Amazon Web Services (AWS) - in their North Virginia (US) region. You can read more about our Security provisions and overview by heading to our Security section.
Please email us if you'd like to exercise your rights under GDPR. You can request to have your data deleted as well as request further information on how your data is being used - amongst other things.