On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) takes effect. GDPR regulates the governance of personal data for European Union (EU) citizens with an emphasis on data security and privacy. The GDPR does not only apply to companies that operate in the EU. This regulation will also impact companies operating outside of the EU if they have any EU customers or personal data of anyone in the EU.
Passportal makes security and privacy a fundamental focus in everything we do, and we recognize the importance of passing regulations to improve information security and data privacy standards for persons of the EU.
Will Passportal be GDPR compliant by the May 25, 2018 deadline?
Yes, Passportal confirms that our organization and all of our products will comply with the GDPR when it comes into effect in May 2018.
Where does Passportal currently store its data?
Passportal currently has datacenters in Canada, the United States, and most recently the UK. As our partner base grows we are planning additional datacenters to help maximize the performance of our products for partners. Our next datacenter will be in Australia, then followed by Germany. All Passportal data is stored with Amazon Web Services (AWS) and we have confirmed that “all AWS services will comply with the GDPR when it comes into effect in May 2018”.
Does GDPR require that all personal data of EU natural persons be stored in Europe?
No, the GDPR does not require that all data be stored in Europe. However, it does require that if personal data is transported outside of Europe, that the data must be adequately protected, which Passportal does.
As new datacenters open can I migrate where my data is stored?
Yes, in advance of each new datacenter opening we will contact the relevant partners to give them the option to migrate their data from the Canadian datacenter.
What should I do now if my clients only want their data stored in the EU?
Unfortunately, one misconception related to the GDPR is that all personal data of EU natural persons must be stored in the EU. To support our partners in their discussions with clients around this issue, here is a link to an excellent GDPR: Fiction versus Fact that Salesforce has put together: Fiction versus Fact.
Will Brexit impact Passportal’s approach to GDPR?
No, while Brexit has the potential to impact the relevant data privacy approaches of our partners, it will not impact Passportal’s approach or compliance with GDPR.
Should you have any further questions regarding Passportal and GDPR, please feel free to reach out to your dedicated Partner Development Manager.