The General Data Protection Regulation (“GDPR”), which takes effect on May 25, 2018, is an iteration of the existing data protection law defined and enforced by the European Union.
Avanquest (“Company”) is committed to ensuring that its services comply with the GDPR, and that its partners can continue to use its services when GDPR takes effect. Company has for months designated an internal team, which are accompanied by the Company’s legal consultants and other professional and expert consultants, for the sole purpose of ensuring all required actions are taken in order to achieve GDPR compliance.
Please see below a general overview which details the Company’s compliance with GDPR. For additional information please contact our DPO at: dpo@avanquest.com
Company only processes personal data to the extent necessary and in accordance with applicable privacy laws including the GDPR. Company has ensured that there is an applicable lawful basis for any and all processing of EEA data subjects Personal Data when it acts as a controller and has entered into applicable Data Processing Agreements when it acts as a processor. In addition, Company has ensured all legal documents, including without limitations, agreements, privacy policies and sale terms are compliant with the GDPR.
The Company has completed an in-depth audit mapping out all of the Personal Data and data sets which it processes, as well as the technical and organizational security measures used in order to safeguard and protect such data. For additional information, please see Company security policy available at: www.avanquest.com/security. Company’s system also comply with PCI level 1 Service Provider.
Company has trained its personnel and employees to educate them with regards to the GDPR, Company’s data practices and the importance of security.
Company maintains accurate and accessible written records to the extent legally required to provide supervisory authorities, all in a timely manner, as required under applicable laws including the GDPR.
In accordance with GDPR, data subjects may exercise the following rights:
In order to exercise any of the above rights please contact our DPO at: dpo@avanquest.com. We have also trained our designated privacy and security team to respond to such request and follow the privacy by design and privacy by default values when developing additional platforms, features and services.
Company has implemented a process, in the event of a data breach and will provide the data controllers, the regulators and the end users with an immediacy of notification to the extent required under applicable law.
Our Legal team is busy ensuring our legal documentation is updated to reflect any changes and to include the mandatory Processor provisions required by Article 28 of the GDPR.
We have appointed a DPO in order to ensure ongoing compliance with the GDPR. Company’s DPO can be contacted at: dpo@avanquest.com
DISCLAIMER: THIS WEBSITE IS NEITHER A MAGNUM OPUS ON EU DATA PRIVACY NOR LEGAL ADVICE FOR YOUR COMPANY TO USE IN COMPLYING WITH EU DATA PRIVACY LAWS LIKE THE GDPR. INSTEAD, IT PROVIDES BACKGROUND INFORMATION TO HELP YOU BETTER UNDERSTAND HOW WE, AT AVANQUEST , HAVE ADDRESSED SOME IMPORTANT LEGAL POINTS. THIS LEGAL INFORMATION IS NOT THE SAME AS LEGAL ADVICE, WHERE AN ATTORNEY APPLIES THE LAW TO YOUR SPECIFIC CIRCUMSTANCES, SO WE INSIST THAT YOU CONSULT AN ATTORNEY IF YOU’D LIKE ADVICE ON YOUR INTERPRETATION OF THIS INFORMATION OR ITS ACCURACY. YOU MAY NOT RELY ON THIS PAPER AS LEGAL ADVICE, NOR AS A RECOMMENDATION OF ANY PARTICULAR LEGAL UNDERSTANDING.
