Last update on August 27, 2019
A bit of history…
On May 25, 2018 came into application the General Data Protection Regulation. This European law now applies to all Member States and has replaced the old Directive 95/46 / EC on the protection of personal data. It creates new engagements for companies and organizations that, like Atolia, process personal data.
The GDPR provides a clearer and more homogenous legal framework within the European Union, while creating new rights for people, including the right to be forgotten and the right to data portability.
Since the first day, we place the utmost importance on the security and privacy of our users’ data. The application of the GDPR is an opportunity to strengthen this protection for the benefit of all Atolia customers.
Many actions have been done to ensure Atolia’s compliance with the GDPR, including :
As part of the services we offer to our customers, we act as subcontractors to them. We must therefore also ensure the proper compliance of personal data collection operations which are then sent to us. Here are the main points:
- All transactions carried out on the personal data that are transmitted to Atolia are identified and added to a processing register.
- The implementation of a strong security policy regarding personal data to reduce as much as possible the risk of violation of these data. If such an incident should occur, a notification protocol with the CNIL and / or users has been set up.
- Naming an internal data protection officer (DPO), who ensures compliance with Atolia’s data protection policy.