We, at Engati, believe in assuring the safety and security of our users’ personal information and we ensure that we are being compliant with the regulations of data protection.
Our goal is to strengthen data privacy because we strongly believe that our customers must have greater control over how their personal data is used. With the coming of GDPR, we have embraced a better approach to distribute the responsibility and accountability to store or process customer data, irrespective of whether they belong within or outside the EU. GDPR is important to improve the protection of a customer’s right to safeguard personal data and information and at Engati, we demonstrate complete transparency and honesty in maintaining this security.
GDPR or General Data Protection Regulation is a regulation around data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR is primarily meant to provide more control to citizens and residents over their personal data and simplify the regulatory environment for international businesses by standardizing the requirements.
It was enforced on 25th May 2018 after a two year period from inception after replacing the 1995 Data Protection Directive. It also applies to the UK since it’s still a part of the EU on the date of enforcement.
What comes under the GDPR rules?
Customers can request access to their own personal data and Engati is answerable to how it is storing and using their data.
Easy data portability
Customers enjoy the rights to transfer their data from one party to another.
Customers can delete or withdraw their consent to give access to their data at any point during business transactions.
This ensures that customers stay updated with the data and information that is being gathered and used. In case of any data breach, the customer should be informed within 72 hours.
Restriction and correction
Consumers can put a restriction on how their data gets used and they can even update their data in case it is old, incomplete or incorrect.
Engati’s commitment to comply with GDPR
At Engati, our ongoing commitment to privacy and security means that GDPR compliance is supported by our fundamental values of transparency, consistency, efficiency, and innovation. Through the continual improvement of regulations, along with our own best business practices, we ensure each and every user that their personal data is as safe and secure as we can provide, and that all regulatory mandates are fully met.
Steps taken by Engati to be GDPR compliant
The GDPR is the means of empowering customers by giving them more control over their data to maintain privacy by design. At Engati, we are careful about keeping customer data safe and secure. The security process includes security obligations, enacting impact studies, appointing a data protection officer, and ensuring privacy by design. Here are the steps that we follow at Engati. We -
Define the data that we need from our customers
Create a structure to understand customer data
Lodge barriers against data breaches
Design the privacy pillar
Customer data protection is, therefore, of utmost importance and priority at Engati. As more and more global businesses, whether or not they belong to the EU, we are getting even more careful and stringent about user data protection and compliance around the GDPR.
Frequently Asked Questions around GDPR
Are the provisions of GDPR applicable to me?
The provisions of the GDPR apply to any entity that processes personal data of individuals in the European Union (EU), including tracking their online activities, regardless of whether the entity has a physical presence in the EU.
What is a Data Controller and Data Processor?
A Data Controller is an entity which determines the purposes, conditions and means of the processing of personal data. The Data Processor is the entity which processes personal data on behalf of the controller.
Do I need to sign a Data Processing Agreement with Engati?
As a Data Controller in your role as a Engati platform user, if your entity is based in the EU or collect information from subjects residing in the EU, you would need to sign a Data Processing Agreement with Engati to continue using the services.
What is Engati doing to become compliant with the regulations and how does it affect us?
We are making all necessary changes to be compliant with the regulations as per our interpretation of the same. This includes but is not limited to updating of our terms of service and privacy policies, bringing in processes and practices as well as technological changes in the platform to ensure data is kept secure.Post 25th May, your continued use of the platform would require you to agree to the updated terms as well as comply with the Data Processing Agreement if relevant for your case.
What are the implications for non-compliance?
Lack of compliance can result in fines of up to 4% of annual global turnover or €20 Million (whichever is higher) for breaching GDPR.
Where can I reach out for more queries around GDPR or data requests?
For any queries on GDPR or data privacy and security, mail us at firstname.lastname@example.org or email@example.com.
Disclaimer :- The information contained on this page is a commentary on GDPR, as Engati understands and interprets it. This is not intended to be legal advice to be used for the application of GDPR in any organization. The information mentioned here as well as related documentation may change in the future.