What is the General Data Protection Regulation (GDPR)?

The GDPR is about protecting the data of European residents. GDPR establishes users’ rights to their own data as well as the company’s obligations with respect to protecting that data. This comprehensive privacy and data protection law will take effect on May 25, 2018.

Please see the full text of the GDPR  and consult with your legal counsel. This document describes aspects of what we are doing to assure our GDPR compliance; it does not constitute legal advice.

If you have members that are in the European Economic Area or you are marketing to anyone (resident or visitor) in Europe then the GDPR affects you.

Does this affect me?

Bevy’s Role, Your Role & Your Users’ Role

As data controller you direct the purpose of data processing. You should ensure your own GDPR compliance and likewise ensure all your vendors are GDPR compliant. 

As data processor, Bevy processes and stores data on your behalf. We are GDPR compliant as of May 25 and we only work with vendors (sub-processors) that are themselves GDPR compliant. More broadly, we care about information security and only work with vendors that likewise care about security.

In GDPR’s terminology, data subjects are those natural persons that the data is about. A data subject owns their data. As such, they essentially let you borrow it for some purpose. 

Bevy is the data processor and you, our client, are the data controller. Bevy allows you to control your data.

Bevy’s commitment to protecting your user’s data

Information security is an organizational priority. We have implemented an information security management system (ISMS), in compliance with ISO 27001:2013. Data protection requirements (including those as indicated per GDPR are an explicit objective of our ISMS.

We vet all our vendors for their own security and compliance practices and do not partner with sub-processors that are not GDPR compliant.

Effective May 25, 2018 our privacy policy is updated with GDPR in mind.

All new project initiatives adhere to Privacy by Design principles. This includes performing assessment at the onset of projects, as appropriate to investigate whether or how privacy or freedoms of data subjects may be impacted.

Critical software service functionality:

 

Benefits to you 

The amazing people and companies Bevy works with are true leaders in their fields planning 5-10 years in the future for what their communities need to become. Bevy and its small team of passionate engineers and experts will always work night and day to deliver the bleeding edge in enterprise data management.