The General Data Protection Regulation (GDPR) is upon us! Hopefully this spells the last of companies you have never heard of desperately trying to get you to click a button in an email!
At Zamzar we aren’t interested in using your data as a marketing commodity, and we never have been. We wrote last month about the hard work we have been doing to extend the data protection measures we already take to add extra safeguards for your data.
Today we are pleased to announce that we have completed the steps necessary for full GDPR compliance.
What steps has Zamzar taken?
We have taken a number of measures to increase protection for your data – here’s a summary of the key points:
> Strengthened security for your data
We have taken a number of steps to further improve how we secure your data. At the start of the year we turned on secure HTTPS encryption for all users of the main Zamzar website, and more recently we have switched many of our internal services to encrypt your data when it is “at rest” (i.e. stored) within our infrastructure.
> Rigorously reviewed our 3rd party vendors
We use a number of third party services to convert your files and have taken the opportunity to review each of their data practices to ensure they provide contractual guarantees for keeping your data safe.
> Dropped personalised advertising in the EU
We have taken the decision to stop serving personalised advertising to anyone using Zamzar’s main website from the EU. Ads will still be served, but no personalised data will be shared with 3rd party advertisers.
> Updated Policies
We have updated our Terms of Service and Privacy Policies to provide detailed information on how we access, process and handle your data, who we share it with it and what steps we take to secure it. We have also made our Cookie Policies clearer (see our Web and API versions).
> Made available a Data Processing Agreement (DPA)
We have put together a standard “Data Processing Agreement” (DPA) which you can sign if you use Zamzar’s services to process data for your own customers. Email us at firstname.lastname@example.org if you’d like a copy of this agreement.
What does this mean for YOU?
The steps we have taken will ensure that when you use our services you will have even stronger guarantees that your data is protected. You can check to see what data we store, how long we store it for, who we share it with and crucially what your rights are in relation to it.
We have pro-actively applied most of these measures to all customers (not just EU citizens).
What do you need to do?
You don’t need to take any explicit actions to carry on using Zamzar, but should review our new Terms and Privacy policies so that you are aware of how we handle your data.
If you use Zamzar as a “Data Processor”
If you use our services to process your own customer data the GDPR requires you to sign a “Data Processing Agreement” with us. If you signed up for an account to use our services before 25th May we provide a standard Addendum that you can sign – just email us at email@example.com to request a copy. If you signed up after that date check out our standard DPA agreements for the Web App and API.
Still have questions?
If you have any questions about Zamzar and GDPR do let us know by emailing us at firstname.lastname@example.org and we’ll get back to you.
This is just the beginning …
Protecting your data is a journey and it doesn’t end with an arbitrary deadline. Tomorrow we’ll be back working hard to provide you with amazing file conversion services and taking steps to continue keeping your data safe and secure.
The Zamzar Team.