AgilePoint’s GDPR Policy
AgilePoint is fully committed to the GDPR and respects the privacy rights of its customers and visitors.
The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in two decades. The GDPR replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe. All companies operating in or utilizing data emanating from the EU must comply with the GDPR's regulations by 25 May 2018.
The GDPR is a regulatory law. As a law there is no certification agency, but all companies that store or use a EU citizen's data are required to comply with the regulation. With thousands of AgilePoint NX cloud and on-premise installations, our customers’ privacy and security has always been one of our top priorities.
AgilePoint NX's cloud services provide full compliance with applicable GDPR regulations. We are committed to assisting our customers, the data controllers and processors, with complete security and control over their user's private data in order for them to meet their GDPR obligations. AgilePoint's On-Premise solution allows our customers to fulfill their responsibility as both controllers and processors.
Our website's ability to secure our visitor data is a part of our compliance with GDPR. Customers will be able to access, update or delete data collected on our website upon request.
AgilePoint regularly reviews its Information Security Policy as part of our ISO 27001 process.
AgilePoint products conform to information security's best practices. In line with GDPR, appropriate measures are assessed in terms of a variety of factors including the sensitivity of the data, the risks to individuals associated with any security breach and the nature of the processing. Regular testing of AgilePoint’s security is a continuous process at AgilePoint.
Our AgilePoint NX Cloud EU customers are hosted within an EU Data Center. AgilePoint assures that the processing of our EU based cloud customers’ data will remain in the EU unless our customer’s move the data following the established guidelines under the GDPR or the US-EU Privacy Shield.
AgilePoint’s cloud offering runs on Amazon Web Services and Window's Azure cloud infrastructures. The European Union (EU) data protection authorities known as the Article 29 Working Party has approved the AWS and Azure's Data Processing Agreements (DPA). At present, no other third parties are engaged in AgilePoint's Cloud services.
Inquiries on data or AgilePoint's Data Privacy policies should be addresses to firstname.lastname@example.org.
EU CROSS-BORDER DATA TRANSFER
In addition to ensure AgilePoint's contractual commitments to meet the requirements to legally transfer data from the EU to the rest of the world under applicable law, AgilePoint is certifying under the EU-US Privacy Shield Framework.