This GDPR Compliance was last updated on June 1, 2018
Uploaded on June 1, 2018
Following the interests of the EU residents, SignOnTheGo® guarantees full compliance with the General Data Protection Regulation (GDPR). This regulation applies strict conditions on the way an organization collects, shares and manages user data. GDPR also extends the rights of customers, giving them greater control over their personal data.
On May 25, 2018, the General Data Protection Regulation (GDPR) comes into effect within the European Union. This data privacy law regulates how businesses collect, process and use personal data as well as gives individuals greater control over their personal data. SignOnTheGo® considers the privacy of its user’s data a top priority. Learn what our team has done to fully comply with GDPR laws.
Customer documents and information therein are encrypted and accessible only by the customer. We also encrypt critical system databases. All of SignOnTheGo’s systems limit any personal information therein and ensure sensitive data is encrypted
SignOnTheGo, LLC. allows users to request deletion of personal data and means to notify customers of requests from their users.
We’ve modified our vendor agreement to ensure that our vendors are in compliance with GDPR requirements.
SignOnTheGo staff is obligated to maintain the confidentiality and security of customer data. We’ve updated our training policies to reinforce our security and privacy policies.
SignOnTheGo complies with major security standards and regulations such as PCI DSS, SOC 2 and the U.S. ESIGN act of 2000. These standards help us manage customer data, preserving security and confidentiality as required under GDPR.
The Company retains the personal data for the period as required by the law. The Company may retain the data which may be used for proving the existence of the IT Services and the performance of such IT Services for the period of the IT Services and by the time all the rights or obligations under the contract are terminated or may retain data until the expiration of the claim limitation period, whichever is longer – in accordance with the data retention policies applied by the Company
The Company will delete the personal data without delay when the purpose of personal data processing is achieved, or the retention period is expired unless the personal data is necessary or mandatory by the laws or the contract with the third party. In case of the personal data in the form of the paper, the Company uses the paper shredder to dispose of such data or incinerate the paper, and in case of the personal data in the form of the electronic files, the Company deletes the data by using the means which preclude any restoration of such data.
SignOnTheGo, LLC, the Company, for administrative and work efficiency purposes, collaborates with SmarTech-IT SP. Z.O.O., it’s affiliate entity to manage your personal data. The Company and its affiliate, SmarTech, has entered into the EU standard data protection clauses as required by the GDPR. SmarTech-IT will access your personal information such as name, email, phone number in the Company’s systems in order to manage and maintain the appropriate services.
Personal data shall be processed to the extent of “Purpose and legal grounds of processing personal data” and, without prior notice, shall not be processed beyond such scope and purpose. The personal data is transferred through secured cable or VPN and the Company adopted technical and organizational measures necessary to ensure transferred personal data is not lost, stolen, disclosed, altered or destructed.
The Company does not adopt any automated decision making including profiling which produces legal effects concerning the data subject or similarly significantly affects the data subject The Company will give prior notice to you about the logic, necessity, expected results of the automated decision-making system if the Company expects to adopt any automated decision-making system.
If you are not satisfied with the Company’s response to your complaint regarding your rights on personal data and you need further assistance, you may file a complaint with the Supervisory Authority (e.g., the President of Data Protection Authority). The Supervisory Authority is a separate organization not affiliated with the Company.
For more information about your rights to your personal data, please contact us: firstname.lastname@example.org