GDPR – A New Era in Privacy Regulation
Learn more about how the GDPR affects Snap Schedule 365 and our commitment to GDPR compliance.
The General Data Protection Regulation (GDPR) introduces a new privacy era that strengthens the rights of individuals. This regulation defines the obligations of organizations that collect, store, and process personal data belonging to European Union (EU) residents.
In addition to our own compliance as a data processor, we are committed to helping our customers comply with GDPR requirements that may apply to their use of Snap Schedule 365 Software-as-a-Service.
OUR COMPLIANCE WITH THE GDPR
Privacy by Design
We have integrated privacy by design principles into our software development process to guide how we build products and operate our services. In designing Snap Schedule 365, we focus on satisfying all legitimate business objectives while protecting privacy. When faced with a design choice, we default to giving more control over privacy rather than less.
We maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful processing and against accidental or unlawful destruction, loss, alteration or damage, unauthorized disclosure of, or access to Customer Data.
We have security built into every layer of Snap Schedule 365 and use Microsoft Azure cloud platforms which come with proven physical security, IT security, replication, backup, and disaster recovery planning. Refer to Microsoft Trust Center for more information.
We take commercially reasonable steps to ensure that any person who is authorized by us to process Customer Data (including our staff, agents and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).
We offer customers a robust data processing addendum containing strong security and privacy commitments that few software companies can match. The data processing addendum is our contractual obligation to process data in a GDPR compliant manner.
We are committed to always being fully transparent. We do our very best to protect your data, though the unexpected could happen. In such cases, we will notify you, the supervisory authority and all affected parties according to the GDPR requirements.