Gislen Software Private Limited is located outside the European Union. However, we work mostly with clients in the European Union, in some cases, this is done via one of our wholly-owned subsidiaries located in the European Union. GDPR, therefore, applies to us as to how we handle personal data about European subjects and we are fully committed to achieving full compliance.
We have identified the areas in which GDPR affects our work:
- Our website, which stores visitor personal information and provides forms for visitors to use to contact us or comment on posts. We also use service providers to support the site which, according to GDPR, act as processors for analysing visitor data.
- In our back-office systems in India where we store data about client contacts in emails, in documents and other ways.
- We are processors for our European clients who handle personal data of European subjects. Mostly this is done remotely from our office and the data itself remains on European servers. In most cases, our role is to support the systems and not process personal data. But, to support the systems, we will in many cases have access to the data itself. We will sign processor agreements with relevant clients based on the Standard Clauses provided by the Commission.
The right to privacy of our clients, their employees and customers are our priority. We intend to achieve full GDPR compliance and ensure that individual privacy is maintained in every way.
What is GDPR?
GDPR stands for the General Data Protection Act, legislation which provides comprehensive pan-European data protection. GDPR was introduced in the European Union and the European Economic Area (EU/EEA) in May 2018 replacing the 1995 Data Protection Directive. GDPR regulates authorities and organisations as to how they are allowed to process data (called ‘personal data’) about individuals in the EU (called ‘data subjects’) including collecting, storing, transferring or use.
GDPR gives individuals free of charge rights to control their data. Individuals have the right to know what data an organisation stores about them and to request a correction, deletion or even transfer to another organisation when that is applicable. GDPR requires organisations to report breaches within 72 hours of discovery. The regulatory bodies in each country are getting significantly more ability to enforce compliance and impose high fines for non-compliance and breaches.
For more information about the GDPR please read the official web page.
Gislen Software GDPR compliance and information
We have a few pages on our website describing our roadmap to GDPR Compliance and further information about GDPR.