What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU (European Union) residents and provides individuals the right to exercise control over their data. GDPR came into effect on 25 May 2018. Simply put, the GDPR gives every EU citizen the right to control the way their personal data is processed and places an obligation on every organization to manage data fairly and transparently and to demonstrate their compliance. For more detailed information, visit the European Commission website.
What does GDPR cover?
GDPR is concerned with all kinds of personal data, which is any information relating to an identifiable individual (a data subject).
Although created by the EU, GDPR applies to any organization (or person) with a European presence, or that deals with the personal data of data subjects within the EU.
Benefits of GDPR Compliance
There are many positive business outcomes of compliance with GDPR including efficient data management, streamlined processes, transparency, security, better internal controls, risk reduction, long-term cost reduction, and updated technology.
Our Commitment to GDPR
We believe in our service and can provide the level of protection for compliance with the EU General Data Protection Regulation.
- All Salesforce data backed up in Vault is kept secure.
- EU citizens have the right to access their Salesforce data.
- The use of personal data collected within Vault is done in a legal, fair, and reasonable way.
What features within Vault support compliance with GDPR requirements?
Vault provides industry-standard security measures such as encryption, multi-factor authentication, access controls, and auditing to support compliance with GDPR rules.
Right of Access
As per Article 15 of the GDPR, individuals have the right to obtain access to their personal data, so that they are aware of and can verify the lawfulness of the processing. The information must be provided within 30 days of a request, free of charge.
Vault: Upon request, we quickly respond to requests for data access that contains your Salesforce information.
Right to Data Portability
As per Article 20 of the GDPR, individuals have the right to move, copy or transfer personal data easily and securely from one IT environment to another.
Vault: Based on a user's permission level, entire Salesforce metadata/ data components can be removed from our platform.
Right to Be Forgotten Request
Article 17 of the GDPR, the right to erasure, also known as the right to be forgotten or RTBF, enables individuals to request the deletion or removal of their personal data when there is no compelling reason for its continued processing.
Vault: Your files stored in Vault are easily searchable and based on your user’s permission level in Vault, you can delete them.