airSlate and GDPR
GDPR went live on May 25th, 2018. It became known as a global standard in protecting the privacy rights of individuals when it comes to handling the personally identifying information of EU residents.
The General Data Protection Regulation (GDPR) applies to both organizations operating within the European Union and organizations that offer goods or services to customers or businesses in the EU. The Regulation provides a single set of rules for protecting the personal data of all EU residents and visitors. In replacing the 1995 Data Protection Directive and increasing the bar on data protections in the EU, the GDPR’s primary objectives are to:
- Establish personal data protection as a fundamental human right, including the individual’s right to access, correct, erase, or port their own personal data.
- Strengthen the baseline requirements and responsibilities for ensuring personal data protection.
- Provide a standardized application for data protection rules across the EU, thereby facilitating the legitimate flow of personal data within and beyond the EU and European Economic Area (EEA).
The GDPR lays out seven key principles:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Storage limitation
- Integrity and confidentiality (security)
airSlate is a global organization that processes data on behalf of customers from around the world, including the EU. airSlate’s primary site for data hosting is located in the USA. However, some of our products may offer alternative hosting options. To inquire about using alternative hosting locations, please contact our team at firstname.lastname@example.org.
The airSlate team is dedicated to protecting the data that we process on behalf of our customers. We do not sell any personal data of our customers.
Our existing certifications and long-standing commitment to privacy frameworks have prepared us for complying with GDPR in a number of ways, including but not limited to:
- Heavy continuous investments into a strong security infrastructure and relevant security certifications
- A Dedicated Security Team
- Minimizing data collection and ongoing reviews and limitations of data access inside an organization
- Careful vetting of suppliers, subprocessors, and partners
- Keeping a close eye on changes in GDPR and other international standards for privacy and data protection
- Staying up-to-date with relevant contractual terms
- Continuous assessment of data breach risks and best practices for managing them
Additionally, we are prepared to address any requests made by our customers related to their expanded individual rights under the GDPR:
- Right to rectification: You may access and update your airSlate account settings at any time to correct or complete your account information. You may also contact airSlate at any time to access, correct, amend, or delete information that we store about you.
- Right to be forgotten: You may terminate your airSlate account at any time and we will permanently delete your account and all data associated with it.
- Right to restriction of processing: You may restrict or pause data processing by contacting us to submit your request.
- Right to data portability: We offer users the ability to export their personal data to a third party.
- Right to object: You may opt-out of your personal data processing for marketing, communication, and research purposes.
- Right to avoid automated decision-making: airSlate respects user’s rights to not be subject to automated decision-making.