How We’re Preparing for GDPR
The EU General Data Protection Regulation (GDPR) sets new standards for how companies use and protect EU citizens’ data. It becomes effective May 2018.
At MindFire, we are working hard to prepare for GDPR, ensuring that we fulfill its obligations and maintain our transparency about customer data.
At present, we are busy figuring out how to convert GDPR legal provisions into tangible actions. This work is overseen by a dedicated GDPR committee, which meets on a regular basis and is responsible for managing all aspects of the transition.
Here’s an overview of GDPR, and how we are preparing for it at MindFire:
The EU General Data Protection Regulation (“GDPR”) is a new data protection law that comes into effect on May 25, 2018. It replaces existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It is a single set of rules which govern the processing and monitoring of EU data.
I am a MindFire Client. Does it affect me?
Yes, most likely. If you hold or process the data of any person in the EU, the GDPR applies to you, whether you are in the EU or not.
How is MindFire preparing for GDPR?
Our teams have been working to define our GDPR roadmap, which we intend to publish soon on this page.
Because GDPR requires a massive overhaul of processes and data models, we intend to keep you apprised of everything we are doing to make sure we are meeting our legal obligations, and doing the best thing for our customers and yours.
Here are the main things we have been doing (or will do) to ensure we are setting up ourselves and our customers up to meet GDPR obligations:
We Will Build New Features & Infrastructure
Our teams are building (or in some cases, have already deployed) the necessary features and infrastructure that will enable our customers to meet their GDPR obligations.
MindFire will help you meet your data portability requirements for GDPR, meaning you will be able to export all of your data or granular subsets linked to an individual Contact, and permanently delete all data related to a single user.
We will publish our Data Processing Agreements (DPAs)
Robust data protection commitments are a vital part of GDPR’s requirements. Our new data processing agreement will share our privacy commitments and sets out the terms for MindFire and our customers to meet GDPR requirements.
We will announce a Data Protection Officer
Soon, we will announce a dedicated Data Protection Officer to oversee and advise on our data management. This is not a requirement but highly suggested for companies like ours as they make the transition through the GDPR process. Likely, you should consider appointing one as well.
We are coordinating with our vendors
We are reviewing all our vendors, finding out about their GDPR plans and arranging similar GDPR-ready data processing agreements with them.
We are taking new security measures
Security is a priority for us. We will keep sharing information on our progress, and we will also help our customers (and, in the case of those of you who are providing services to your Clients via MindFire) be compliant. Some steps you can take are:
- Get familiar with the GDPR requirements and how they affect your company.
- Map out everywhere you process data and carry out a gap analysis (including your interactions with MindFire)
- Look at all the software and tools you use to manage data, and think about privacy, security, and GDPR requirements from top-to-bottom.
- Speak with your lawyer about your specific needs to ensure you’re aware and compliant.
Feel free to reach out to us in the comments, or via email@example.com.
Latest posts by David Rosendahl (see all)
- How We’re Preparing for GDPR – May 9, 2018
- What Every Printer MUST Know About ABM, CDP, and AI (What The?!) – April 26, 2018
- MINDFIRE ANNOUNCES LAUNCH OF “DA VINCI” MARKETING TECHNOLOGY TO GROW SALES FOR PRINTERS – March 24, 2018