To comply with the upcoming GDPR from time to time, we’re committed to ensuring that we and our customers adjust to the scope of the changes by being transparent about our practices and how we protect data and privacy.
Our Data Protection Officer can be reached at email@example.com. He is a citizen of France, EU, and a resident there. He is a Data Protection Officer (GDPR DPO) working under “professional secrecy”. Officially declared as it at the French data protection authority (CNIL). Member of the AFCDP (French Association of Data Protection Officers). He is also Cybersecurity certified with VHL and VHL Advanced Plus (virtual hacking lab) and SPSE certifications (Python for pentesters).
To improve security safeguards and support needed processes, we have already implemented all the instructions and guidelines of GDPR Compliance.
To be fully compliant with the new regulations, we applied for EU-US and Switzerland-US Privacy Shield programs, which cover the transfer of data between the EU and the US.
A new Trust page will be a place to educate customers and prospects and serve as a starting point to submit requests and initiate internal processes related to the rights of the data subjects under GDPR and Privacy-Shield regulations.
New roles (Data Protection Officer and EU representatives) and processes will be in place to help us and our customers become compliant with the requirements of GDPR and EU-US privacy shield regulations.
According to GDPR, these rights/processes include:
Access to personal data about a subject.
Correction of incorrect personal data.
Object to processing personal data on the platform.
Delete personal data.
Transfer data to another processor or controller.
EU-US Privacy shield related.
Clearly stated rights, such as the ability to understand how personal data is profiled or automatically processed.
Ability to file a complaint with GDPR or EU-US Privacy shield authorities.
Content Charisma will act as the controller (regarding personal data of our customers) and processor (for the data of customer customers and prospects) to act promptly on any request and to help our customers to be compliant to the most possible extent.
Moreover, we expect to automate most of these processes and provide necessary improvements both on the process and product sides.
All personal data, where Content Charisma acts as a processor, is stored in the Heroku and AWS which is a secured and 24/7 – 365 days a year supported environment.
Personal data in the cloud, as well as all other details regarding customers, are encrypted by default.
All passwords and login credentials (including access to customer email accounts for service to process) are encrypted.
Administrative features have been implemented to be able to delete and export personal data within Content Charisma on request.