Last Published February 4, 2019

RecordPoint, GDPR and You

From the 25th of May 2018 onwards, organizations collecting and processing personal information and data of EU based individuals are required to comply with the General Data Protection Regulation (GDPR). This statement is intended to provide you guidance on how RecordPoint processes and handles the data we collect when you use our cloud services.

What is GDPR?

The General Data Protection Regulation (GDPR) is new legislation designed to give EU residents more control over their personal data. We share our personal data on a daily basis with the many different online services & platforms that we use. Think of all the times you have provided your name, email and date of birth when signing up for social media platforms and other online services. GDPR places more stringent legal requirements on the companies and organizations that collect and process your personal information.

There are three classifications that an organization can fall into under GDPR:

  • Data Controller - means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed
  • Data Processor - means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
  • Both (Data Controller & Data Processor)

What type of organization is RecordPoint under GDPR?

RecordPoint is classed as a data processor under the new GDPR legal framework. We process data and information from your content repositories managed by Records365. However, we have limited knowledge of the data being processed from the content repositories that Records365 manages. Also, RecordPoint only processes data per our customer’s instructions. Therefore, RecordPoint is a processor of customer data ingested by Records365; the customer is a controller.

What data does RecordPoint collect?

When you use our cloud services to records manage your content repositories, we collect a broad spectrum of information. Some of this information may contain personally identifiable information (PII); however, this depends entirely on what information you store in your content repositories. For information on what data RecordPoint collects when you use our cloud service, please refer to our Privacy Policy.

How does RecordPoint ensure that my data is safe and secure?

As a data processor, safety and security of your data are our top priorities. We have many organizational and technical controls in place to keep your data safe. For information on how we keep your data safe, please refer to our Privacy Policy.

Questions?

If you have any more questions with regards to GDPR and it applies to your usage of RecordPoint’s cloud services, please contact trust@recordpoint.com.