Preparing for GDPR
On May 25, 2018, a European privacy law, the General Data Protection Regulation (GDPR), is slated to take effect.
While GDPR is designed to strengthen and unify personal data protection for European Union (EU) residents, it also places new obligations on all organizations that offer goods and services to people in the EU, or that collect and analyze data tied to EU residents. In short, GDPR applies no matter where you are located.
This webpage is neither an overview on EU data privacy nor legal resource for your company to use in complying with GDPR or other EU data privacy laws. Rather, it provides background information to help you better understand how Ungerboeck is addressing GDPR.
The contents of this webpage are not the same as legal advice. We encourage you to consult an attorney if you'd like advice on your interpretation of this information or its accuracy. In a nutshell, you may not rely on this webpage as legal advice, nor as a recommendation of any particular legal understanding.
Data Protection is not new to Ungerboeck. In fact, it is a topic we take very seriously.
Over the last few years, we have set technical and organizational benchmarks in our IT infrastructure; made adjustments for both Safe Harbor and subsequently Privacy Shield; and created Data Protection Agreements for our customers. We continually work to adjust and document our processes as compliance needs change. We have been doing the same for GDPR.
GDPR compliance is not just Ungerboeck's responsibility. GDPR is a shared responsibility among Ungerboeck and our customers.
As a software provider, Ungerboeck is responsible for ensuring our software includes functionalities to help our customers comply with the regulations. A software product does not need to be GDPR-compliant, but the software must allow feature configuration to comply with GDPR. Ungerboeck is GDPR "compatible" because it supports both "Privacy by Default" and "Privacy by Design", meaning GDPR compatibility is achievable by the software's settings and by the individual configuration of settings depending on the feature in question (e.g. through access privileges, field encryption or masking, etc.).
While it is our responsibility to provide GDPR-compliant Cloud Hosting and to provide compatible software feature configurations, you, our customers, are the ultimate data controllers. You are responsible for ensuring your Ungerboeck instance is configured in a GDPR-compatible way and that your internal processes and workflows are themselves GDPR-compatible.
We are making additional enhancements to our software that will increase its compatibility with regulations that are part of GDPR. These enhancements will be part of version 20.93 that will arrive by May 2018.
We will continue to update this webpage to keep you informed and share how Ungerboeck is preparing for GDPR. We are making additional enhancements to our software that will increase its compatibility with regulations that are part of GDPR. These enhancements will be part of version 20.93 that will arrive by May 2018. Ungerboeck customers should ensure that they are on the current version 20.92 for a smooth transition to 20.93 to take advantage of GDPR enhancements.