Technical development has progressed rapidly over the past few years, and we spend many of our waking hours online today. As online services require more and more information from you as a user, it becomes increasingly important to understand how your personal data is used and what rights you have.
In short, GDPR grants you more rights and demands more of the companies that provide these services, as well as on how suppliers manage personal data.
The previous set of laws now replaced by GDPR took processing of personal data very seriously. In an educational context we’ve seen this change first hand, not least in the dialogue local governments have maintained with big cloud providers around how these services can and should be used in a classroom context. Methods of storing and processing personal data varied between different EU member nations, and the rapid pace of technical development motivated an EU-wide body of laws to cover all processing of personal data.
We welcome this new set of regulations and the new demands placed upon us as a supplier of online services. It has always been imperative for us to handle your personal data with the utmost care and consideration, just like we expect our own personal data to be managed.
We always ask for your consent to save and manage any personal data you provide, and you always have the right to get your data exported and/or deleted if you want to exercise your right to be forgotten. It is our utmost priority that you always feel safe and cared for in your relationship with us. This is why we made a dedicated effort and managed to be completely GDPR-compliant from the beginning of May 2018.
In practical terms, GDPR has brought both organisational and technical changes from our end. From a technical perspective, we’ve done an audit of what data we store, where we store it and why it’s stored to be able to guarantee that everything is managed correctly. We’ve also updated our systems to provide you with the ability to have your data exported and properly deleted. If the worst where to happen, we’ve also created stricter routines for incident management and communication and run drills for relevant staff. In short, we’ve been careful to ensure that the consequences of an incident have as little impact as possible while providing as clear, correct and immediate information as possible.
As part of GDPR, you have the right to be notified if/when we add a new subprocessor that might process your personal data, or when we terminate our relationship an existing one. By adding your email below, you're guaranteed to always get a notification when this occurs.
We'll never send anything but information about our subprocessors or other information pertaining to our relationships with our subprocessors to the email provided. You can always contact us at firstname.lastname@example.org if you want to have your email removed, or use the unsubscribe-link at the bottom of every email.
The link below will take you to the complete list of our subcontractors