General Data Protection Regulation (GDPR) is a new set of data privacy regulations by the European (EU) government and legal entities that want to strengthen data protection for all individuals in the EU. GDPR provides a common set of regulations that strengthen protection of the personal data of EU residents regardless of which companies they do business with.
- How consent for data collection and processing must be obtained
- How data subjects may exercise their rights regarding personal data
- What must be done to demonstrate that data is processed and secured in accordance with the GDPR
For more detail about the regulations, you can visit the official EU site.
When does this take effect?
The new regulations are set to take effect on May 25, 2018.
Who will this impact?
This will impact Tymeshift along with most of Tymeshift´s customers.
Where can I access your terms of service?
You may access our terms of service by visiting: www.tymeshift.com/terms-of-service
There are 8 data subject rights under GDPR:
Right to be Informed
This right emphasizes transparency to individuals and provides an obligation to provide ‘fair processing information’ while using clear and plain language at the time the customer obtains consent to begin collecting personal data.
Right of Access
This right helps individuals access their personal data so they are aware of and/or verify the lawfulness of the processing.
Rights related to Automated Decision Making
This right provides safeguards to individuals against the risk of a potentially damaging decision to be taken without human intervention.
Right to Object
On certain grounds, this right provides an individual to object to data processing for the purposes of profiling or direct marketing.
Right to Rectification
This right states that individuals are entitled to have personal data rectified if it is inaccurate or incomplete.
Right to Erasure
This right enables an individual to request the deletion of personal data if it is no longer necessary or the data subject withdraws consent.
Right to Restrict Processing
This right provides individuals to have a right to ‘block’ or suppress processing of personal data.
- Right to Data Portability
This right allows individuals to obtain and reuse their personal data for their own purposes across different services.
How to Invoke Your Rights
If you have a request to invoke any of your rights listed above, contact the Tymeshift support team to submit your request. Once a request is submitted, you will be able to monitor for completion with the support ticket submitted.
Since Tymeshift is a data processor, you may have a user who needs to be removed from your Tymeshift account. In this case, you should still contact the Tymeshift support team here, to process this request.
In an event of a GDPR Breach
In the event of a breach, Tymeshift will contact the affected Tymeshift account administrators and designated contacts and immediately trigger remedial action to ensure compliance. Throughout this process, Tymeshift has implemented procedures to ensure effective communication with the affected customers.
Shall you require execution of a DPA you may contact us at firstname.lastname@example.org and we´ll provide a document for you to countersign.