BLOG DETAILS

shape
shape
shape
shape
shape
shape
shape
shape
blog-details
15
May

Impact of GDPR on survey management

Background:

The General Data Protection Regulation is a new set of privacy regulations and guidelines that replaces the Data Protection Directive 95/46/EC and effective May 25, 2018.

The General Data Protection Regulation (GDPR) will require numerous changes to organizations in the way they collect and process EU personal data. The GDPR contains many or several new protections for EU citizens and threatens significant penalties for non-compliance. In addition, there are new security, recordkeeping, access rights, and notification procedures that companies must implement to ensure compliance. Issues that are attracting particular focus include increased administrative requirements, and the need to provide the tools necessary to meet the numerous obligations on both controllers and processors.

Pinecrow offers a self-service solution via SaaS and enables users to solely determine what data to use and process, from whom and where, for what purpose, and for how long. Therefore, Pinecrow does not and cannot classify or represent any Customer data. All data are processed electronically on the instructions of the Customer as required to provide the software, support, and maintenance.

Enabling the User to be GDPR Compliant

Pinecrow enables its Customers to be GDPR compliant. That means Pinecrow will:

  1. provide sufficient guarantees to the controller to implement appropriate technical and organizational measures designed to safeguard Customer data

  2. process data (that could include personal data) only to fulfill its obligations as related to the Services

  3. enable users to modify and delete individual data points

  4. enable users to modify and delete complete project notes

  5. enable users to modify and delete the entire project

  6. provide security documentation that describes the processes and procedures for safeguarding the data

  7. sign a contract that governs the processing of EU personal data