Privacy By Design: display.io is GDPR compliant
display.io GDPR Compliance Overview
The General Data Protection Regulation (“GDPR”) takes effect on May 25, 2018. The GDPR is a substantial overhaul of the existing data protection framework under the European Union Data Protection Directive, as the world and technology have greatly evolved over the year.
Display.io ltd. (“Company”) is fully committed to comply with GDPR prior to its effective date, thus, for months, Company has designated an internal team, which are accompanied by the Company’s legal consultants and other professional and expert consultants, for the sole purpose of ensuring all required actions are taken in order to achieve GDPR compliance.
Please see below a general overview which details the Company’s compliance with GDPR.
Company only processes personal data to the extent necessary and in accordance with applicable privacy laws including the GDPR. Company has ensured there is an applicable lawful basis for any and all processing of EEA users’ Personal Data.
In addition, Company has ensured all documents, including without limitations, agreements, privacy policies online terms, IOs are compliant with the GDPR.
Company has trained its personnel and employees to educate them with regards to the GDPR, Company’s data practices and the importance of security.
Technological Organizational and Security Standards
The Company has completed an in-depth audit the process of mapping out all of its data sets and its technical and organizational security measures, all as stipulated in our security policy.
In accordance with GDPR, data subjects may exercise the right to access, rectification, restrict processing, erasure, data portability, the right to complain to a supervisory authority and the right to not be subject to automated processing. In order to exercise any of the above rights please contact our DPO at: firstname.lastname@example.org.
Transparency to Regulators
Company maintains accurate and accessible written records to the extent legally required to provide authorities, all in a timely manner.
Company has implemented a process, in the event of a data breach and will provide regulators and users with an immediacy of notification to the extent required under applicable law.
Company has appointed a DPO in order to ensure ongoing compliance with the GDPR which can be contacted at: email@example.com