top of page

GDPR Compliance

How we’re preparing for GDPR

Posted on May 21, 2018 by Jason Kaehler, CEO

What is GDPR?

The General Data Protection Regulation (“GDPR”) is a new European privacy regulation which will replace the current EU Data Protection Directive (“Directive 95/46/EC”). The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection law.

To whom does GDPR apply?

The GDPR applies to all organizations operating in the EU and processing “personal identifiable data” of EU residents. Personal data is any information relating to an identified or identifiable natural person.

To what implications does GDPR have for organizations processing the personal data of EU citizens?

One of the key aspects of the GDPR is that it creates consistency across EU member states on how personal data can be processed, used, and exchanged securely.

Organizations will need to demonstrate the security of the data they are processing and their compliance with GDPR on a continual basis, by implementing and regularly reviewing robust technical and organizational measures, as well as compliance policies.

At Asylum Labs, we value your privacy. We’re committed to keeping the information you provide to us secure and confidential. With that in mind, we’ve made some updates to our Terms of Services and Privacy Policy to comply with the new requirements under the EU General Data Protection Regulation (GDPR) coming into effect on May 25, 2018.

What data we are collecting from you?

  • Identity information

  • Contact information

  • Profile information

  • Feedback and correspondence

  • Financial information

  • Transaction information

  • Usage information

  • Marketing information

Check out Asylum Labs Privacy Policy for more details.

How we use your personal data?

General Uses

(a) operate, maintain, administer and improve the services;

(b) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages;

 

(c) respond to your service-related requests, questions and feedback;

 

(d) monitor and analyze trends, usage, and activities in connection with our website, services and for marketing or advertising purposes;

 

(e) personalize our website and services, including by providing features or advertisements that match your interests and preferences; and

 

(f) for other purposes for which we obtain your consent.

Check out Asylum Labs Privacy Policy for more details.

Your Rights

You may be entitled to:

  • opt out from processing of your personal Information for direct marketing purposes;

  • request information regarding the processing of your personal Information, including to be provided with a copy of your personal data;

  • request the correction and/or deletion of your personal Information, or object to the processing of your personal Information;

  • request the restriction of the processing of your personal Information;

  • request receipts or transmission to another organization, in a machine-readable form, of the personal Information that you have provided to us; and

  • complain to your local data protection authority, or to a court of law, if your data protection rights are violated. You may be entitled to claim compensation for damages or distress incurred or suffered as a result of unlawful processing of your personal Information.

 

Security

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. Check out Security Page for more details.

List of Data Subprocessors

Welcome to Asylum Labs Subprocessor repository page where we maintain a current list of Subprocessors authorized to process customer data for Asylum Labs services. Asylum Labs imposes data protection terms with each Subprocessor regarding their security controls and applicable regulations for the protection of personal data.

Entity Name, Entity Location

Amazon Web Services, Inc.USA

Mail Chimp, USA

Linode, USA

What has Asylum Labs prepared for GDPR?

 

All vendors are required to sign an EU Data Protection Agreement prior to working with us. This document addresses common requirements concerning Notice, Choice, Onward Transfer, Access, Security, Data Integrity and Enforcement of the Personal Data with respect to the vendor’s Personal Data. Any vendor has the right to terminate its working relationship with us and request the deletion of Personal Data pertaining to them.

Our team is educated on changes related to GDPR and other data handling practices so all employees understand our security standards and commitment to privacy for our users.

We take a holistic, risk-based approach to security. This means the platform secures your data in transit and at rest, restricts and secures data access, and provides continuous incident monitoring.

Any third-party service providers that are utilized by us will only be given access to Your Account and Service Data as is reasonably necessary to provide the Service and will be subject to their implementing and maintaining compliance with appropriate technical and organizational security measures. Check out Asylum Labs Subprocessor List for more information.

Our Data Processing Agreements have been updated. For more information on how customers can enter into it, contact Asylum Labs at support@asylumlabsinc.com.

Transfers of personal data outside the European Economic Area (EEA) are permitted as long as certain safeguards apply. Our customer DPA contains the EU Model Clauses, which are industry standard for data safety. This means that we agree to protect any data originating from the EEA in line with European data protection standards.

In line with our current policies, we will promptly inform you of any incidents involving your users’ personal data.

We look forward to continuing to build on our commitment to data security and privacy. If you have any questions about how GDPR affects you as a customer, our support team is happy to help.

1. Updated our Terms of Services and Privacy Policy to simplify the language around our data policies to make it clearer and more understandable

2. Coordinate with our partners

3. Educate Asylum Labs employees

4. Take security measures

5. Prepare Data Processing Agreements (DPAs)

6. Certify for International Data Transfer

7. Prompt breach notifications

bottom of page