Instructions
25 May 2018 marks marked the start of enforcement of the European Union’s General Data Protection Regulation. This new piece of legislation has had a great impact on anyone whose business involves handling personal data about EU residents or within the EU. Naturally, personal data is a part of the arch and clinical trials, so we have been busy making sure that we are compliant.
...
According to Article 28 of the GDPR, the relationship between the controller and the processor needs to be made in writing (electronic form is acceptable under subsection (9) of the same Article). This is where our Terms of Service and Privacy Policy come in. These two documents also serve as your data processing contract, setting out the instructions that you are giving to CDS with regard to processing the personal data you control and establishing the rights and responsibilities of both parties. CDS will only process your Client Data based on your instructions as the data controller.
...
Data subjects’ ownership of their personal data is at the heart of the GDPR. We have created a readiness to respond to data subject requests to delete, modify, or transfer their data. This means that our Customer Support Specialists along with the Engineers that assist them in their work are well-prepared to help you in any matters involving your personal data, in addition to providing the awesome customer support experience that you are accustomed to.
Documentation
Our Terms of Service and Privacy Policy are constantly being revised to increase transparency and to make sure the documents meet GDPR requirements. As these are the basis for our relationship with you, it is very important for us to comprehensively and openly explain our commitments and your rights in these documents. Additionally, we’re constantly mapping all our data processing activities to be able to comply with the GDPR accountability requirements.
...