At Syft, we’re dedicated to helping our users understand and, where relevant, comply with the General Data Protection Regulation (GDPR). The GDPR is a comprehensive data protection law that regulates the use of EU residents’ personal data, giving individuals the right to exercise control over their data, and requiring organizations that process personal data to meet certain obligations.
As well as strengthening and standardizing user data privacy across EU member states, the GDPR introduces new or additional obligations to all organizations that handle EU citizens’ personal data, regardless of where the organizations are located. In this article, I'll explain how we help our users comply with the GDPR.
GDPR compliance
The GDPR’s updated requirements are significant and our team has adapted its product offerings, operations, and contractual commitments to help you comply with the regulation. As we process data on our users' behalf, we have taken measures to:
Ensure our security infrastructure is of the highest standard and meets top certification requirements
Update the relevant contractual terms
Establish protocols for data residency at Syft so that global teams may choose the region where certain types of data at rest are stored
Additionally, we make sure to keep tabs on the privacy-related regulatory organizations' guidelines for GDPR compliance and adjust our product features and contractual obligations accordingly. We’ll keep you up-to-date with any changes that are made in this regard as they occur.
Our security infrastructure standards and certifications
Protecting our users’ information and privacy is of the utmost importance to us. As a cloud-based company entrusted with some of our users’ most valuable data, we’ve set high standards for security. To this end, we’ve received several security certifications from the American Institute of Certified Public Accountants, such as SOC 2 Type I and SOC 2 Type II.
Moreover, Syft has invested heavily in developing a robust security team capable of handling a variety of issues – everything from threat detection to building new tools. In accordance with GDPR requirements relating to security incident notifications, Syft will continue to meet its obligations and offer contractual assurances.
If you’d like to learn more about Syft’s security policies and procedures, please visit our Security Center. It provides detailed information on how we approach security and GDPR in particular.
Updates
At Syft, we are committed to maintaining the security and privacy of your data. So we’re glad to comply, and help you to comply, with the GDPR. If you have any questions about your rights under the GDPR as a user or how Syft can help you with compliance, please consult our Security Center to find out more or ask your Account Manager for further details.