Information about our privacy & General Data Protection Regulation efforts
The European General Data Protection Regulation (“GDPR”) legislation introduces a new set of rules for the processing of personal data. GDPR is the most modern and fully integrated legislation on data privacy, and the applicability of the GDPR does not stop at the borders of the European Economic Area (“EEA”).
forms2 has embraced the requirements of GDPR, and we consider GDPR to be the benchmark for our privacy and data protection efforts. Below you’ll find information about GDPR, as well as answers about data protection and privacy at forms2mobile, for your convenience.
Why GDPR should matter to you
GDPR modernises outdated privacy laws and impacts your organisation if you collect or process data in or from Europe.
If you’re based in Europe, or you work with persons that are in Europe, then you likely need to comply with GDPR.
Significant fines of up to €20,000,000 or 4% of global annual turnover, whichever is greater, could be levied on you if your organisation is impacted and is not GDPR compliant.
How to prepare for GDPR
If your organisation is impacted by GDPR, then you need to make sure you are compliant with the legislation before it commences on 25 May 2018.
The good news is that we make it easy to use forms2 in a GDPR-compliant way!
The following steps are recommended as a means to achieving compliance.
NOTE: We’re not lawyers! If you’re unsure about your compliance status, seek legal advice.
Review your vendors and data flows
Make a list of your software and other vendors, and document the data flows across your business, what type of personal data you collect and who has access. It’s likely that you will need to put in place agreements that assure data protection with any vendors you submit personal data to.
Review the forms2 DPA if applicable
Should you need to explicitly sign a data processing agreement with forms2mobile, then please email us at firstname.lastname@example.org
Identify and mitigate your risks
Perform a risk assessment within your business to identify any gaps that need to be addressed for meeting GDPR compliance.
Implement your compliance ongoing
Plan and implement your GDPR compliance activities ahead of the May 25, 2018 deadline, and then ensure that compliance continues thereafter as an ongoing discipline for your organisation.