Last Updated: 23 May, 2018
Here at Apostille Service, we take your data privacy and security very seriously. We’re currently preparing for the European General Data Protection Regulation (GDPR), which is coming into force on May 25th 2018.
What exactly is GDPR?
The General Data Protection Regulation (GDPR) is the result of years of work by the European Union to unify and strengthen data protection for all citizens within EU borders.
GDPR gives you more control over how your data is used, while to us it will constitute a change of the legal environment in which we operate. That makes this change desirable and very beneficial to both parties, regardless of it being mandatory.
Our company is doing everything to ensure that our product, policies, and procedures will be compliant with those regulations before they will become enforced on May 25th 2018.
So how does GDPR work?
First of all, GDPR affects and applies to every single organisation that processes personal data of EU citizens, whether kept within the EU or outside of it. Any person-related information that can be used to identify is subject to GDPR regulation and its job is to ensure that processing any personal data (collecting, transferring, storage, and use) is made in the most secure way possible.
GDPR is in place to prevent any kind of data leakage or violation and will ensure that every company maximises their security around customers' data.
What is MS in Germany doing to be prepared?
We want to focus on giving you the tools to choose what you wish to do with the data and to what extent you wish to provide or process it.
We are undergoing an entire process of evolving into a better product by working alongside our attorneys and GDPR advisors, which will ensure that everything is top-notch and fully compliant.
That is not a process that can happen overnight, so we're very grateful for your understanding. Just hang in there and we’ll be done sooner than you think 🙂
It will require a lot of changes in our company, most of which will not affect you as a customer in any noticable way. The changes will have no impact on the user-side of things, but we will keep you updated on those nonetheless - so check back for updates soon!
What do I need to do?
MS in Germany is not making use of this data other than to follow up on users’ registered issues or inquiries. Your personal data will be processed and transmitted in accordance with the General Data Protection Regulation (GDPR).
Other than that we will not require anything to be done on your end; we want to make sure that this process is done as smoothly as possible for all parties involved.
A few examples of what GDPR requires, imposes, or provides:
Expanded individual rights
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other things, the right to be forgotten and the right to request a copy of any personal data stored in their database
GDPR requires all organisations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.
Data breach notifications
GDPR requires organisations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.
New requirements for profiling and monitoring
GDPR imposes additional obligations on all organisations engaged in profiling or monitoring behavior of EU individuals.
GDPR provides a central point of enforcement for all organisations operating in the EU or processing data of EU individual member states by requiring companies to work with a supervisory authority for cross-border data protection issues.