Vagebond GDPR compliance
The EU General Data Protection Regulation (GDPR) comes into effect on May 25, 2018. Vagebond is ready.
Does GDPR affect me?
If you’re based in the EU or do business in the EU, yeah! GDPR has a long reach. If you have any EU personal data in your application, such as names, email addresses, ID numbers, or… anything personally identifiable, then GDPR applies. You are a Controller of personal data under GDPR, so you need to enter into GDPR-compliant data processing agreements with any online services and third party vendors you rely on, including Vagebond. These agreements are commonly called a Data Processing Addendum, or DPA.
Data Processing Addendum
Contracts required! Processing EU personal data must be governed by a GDPR-compliant contract. Vagebond provides a standard Data Processing Addendum (DPA) to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed.
Subprocessors
Vagebond uses third party subprocessors, such as cloud computing providers and email gateways, to provide her services. She enters into GDPR-compliant data processing agreements with each subprocessor, and requires the same of them. List of subprocessors.