On May 25, 2018, a new privacy law called the General Data Protection Regulation (GDPR) takes effect in the European Union (EU). The GDPR expands the privacy rights of EU individuals and places new obligations on all organizations that market, track, or handle EU personal data. Brightidea is committed to helping our customers comply with the GDPR through our robust privacy and security protections.
What Brightidea is Doing
Brightidea welcomes the GDPR as an important step forward in streamlining data protection requirements across the EU and as an opportunity for Brightidea to deepen our commitment to data protection.
Similar to existing legal requirements, compliance with the GDPR requires a partnership between Brightidea and our customers in their use of our services. Brightidea will comply with the GDPR in the delivery of our service to our customers.
We are in the process of analyzing the requirements of the GDPR and are working to make enhancements to our products, contracts, and documentation to help support Brightidea's and our customers’ compliance with the GDPR.
Brightidea plans to be ready by May 25, 2018 for GDPR compliance.
Brightidea has certified its compliance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks to the U.S. Department of Commerce and has been added to the Department of Commerce’s list of self-certified Privacy Shield participants.
Our certifications confirm that we comply with the Privacy Shield Principles for the transfer of European and Swiss personal data to the United States.
This is great news for our customers, providing them with an even better data transfer mechanism than the former U.S.-EU and U.S.-Swiss Safe Harbor Frameworks.
Brightidea moved quickly to adopt the Privacy Shield principles as part of our ongoing commitment to privacy and protecting our customers’ data.