General Data Protection Regulation (GDPR) is a set of data privacy regulations issued by the European Union (EU) government and legal entities on May 25th, 2018. GDPR provides a common set of regulations that strengthen the protection of the personal data of EU residents, regardless of which companies they do business with. GDPR impacts Tymeshift along with most of our customers.
Note: below rules are interpreted and presented by Tymeshift, for the most current and additional information about the regulations, you can visit the official EU site.Individual Rights
There are eight data subject rights under GDPR:
- Right to be Informed - this right emphasizes transparency to individuals and an obligation to provide ‘fair processing information’ while using clear and plain language at the time the customer obtains consent to begin collecting personal data.
- Right of Access - this right helps individuals access their personal data so they are aware of and/or verify the lawfulness of the processing.
- Rights related to Automated Decision Making - this right provides safeguards to individuals against the risk of a potentially damaging decision to be taken without human intervention.
- Right to Object - on certain grounds, this right allows an individual to object to data processing for the purposes of profiling or direct marketing.
- Right to Rectification - this right states that individuals are entitled to have personal data rectified if it is inaccurate or incomplete.
- Right to Erasure - this right enables an individual to request the deletion of personal data if it is no longer necessary or the data subject withdraws consent.
- Right to Restrict Processing - this right provides individuals to have a right to block or suppress processing of personal data.
- Right to Data Portability - this right allows individuals to obtain and reuse their personal data for their own purposes across different services.
If you have a request to invoke any of your rights listed above, contact Tymeshift's support team to submit your request. You may also have a user who needs to be removed from your Tymeshift account. In this case, you should still contact the Tymeshift support team to process this request.
In the event of a GDPR breach, Tymeshift will contact the affected Tymeshift account administrators and designated contacts, and will immediately trigger remedial action to ensure compliance. Throughout this process, Tymeshift has procedures in place to ensure effective and timely communication with the affected customers.
A DPA is an agreement entered into between the data controller and data processor which evidences that the data processor is complying with relevant requirements under the GDPR. If you require execution of a DPA, you may contact us at firstname.lastname@example.org, and we will provide a document for you to countersign.