We’re just a few months away from mandatory compliance with GDPR. The European General Data Protection Regulation (GDPR) replaces the EU National Data Protection legislation and is due to take effect in May 2018. The GDPR is a new regulation to protect personal data of EU citizens. It affects all organizations (even outside of the EU) that process data of EU citizens.

In our previous article “Preparing for the GDPR”, we shared some resources for learning more about the GDPR. In this article, we’ll share what we’re doing to comply with the GDPR.

 

 

Is Status.io GDPR compliant?

Yes. Status.io is GDPR compliant.

We are a “processor” and we are required to have a data processing agreement (DPA) in place for each client. If you don’t already have a DPA, it’s easy to create one with us by contacting support.

 

 

GDPR-Specific Data Compliance

Personal data is stored in various locations including: United States, Canada, Ireland, Australia.

Personal data we collect: email address, SMS address, IP address.

Personal data is processed through Amazon Web Services (AWS) and Twilio for email and SMS message delivery. DPA’s are in place with each processor.

To comply with the Conditions for Consent (GDPR Article 7), subscribers must opt-in to sign up to receive status notifications.

A subscriber can self-remove themselves and delete all data associated with their subscription. This is a requirement for the Right to Rectification and Erasure (GDPR Article 16).

In accordance with the Right to Restriction of Processing (GDPR Article 18), any person can request to never be processed through our system.

 

 

Additional Data Protection and Privacy Documents

 

Privacy Policy

Terms of Service

Security Information

 

At Status.io, we always treat personal data with care and respect. And we’re always looking for ways to improve our security and protections for data.

 

 

 

At Status.io, we always treat personal data with care and respect. We’re embracing the spirit of the GDPR and have been looking at how we can improve the security and protections of personal data.

Below we’re sharing some resources to help you better understand the GDPR and how it can affect your organization.

 

 

What is the GDPR?

The European General Data Protection Regulation (GDPR) replaces the EU National Data Protection legislation and is due to take effect in May 2018. The GDPR is a new regulation to protect personal data of EU citizens. It affects all organizations (even outside of the EU) that process data of EU citizens.

There is plenty of information available from the EU Commissioner’s Office to understand the GDPR. We recommend starting with the the Guide to the GDPR and “Preparing for the GDPR – 12 steps to take now”.

View the GDPR Key changes. This includes an overview of the main changes under GDPR and how they differ from the previous directive.

 

 

The following checklists help to assess compliance with the GDPR:

GDPR checklist for data controllers

GDPR checklist for data processors

 

 

Compliance Tools at Status.io

If you use Status.io for subscriber notifications, you may want to explore our Enhance Compliance functionality. Use the compliance tools to add disclaimers to your subscription signup form and additionally log the details of each subscriber’s opt-in. Learn more about our compliance features.

 

 

Disclaimer: This information is not legal advice.