Since May 25th, 2018, the European data protection legislation (GDPR) has replaced the 1995 EU Data Protection Directive. The GDPR strengthens the rights that individuals have regarding personal data relating to them and seeks to unify data protection laws across Europe, regardless of where that data is processed.
We’re committed to helping Otixo customers and users understand, and where applicable, comply with the General Data Protection Regulation (GDPR).
Besides strengthening and standardizing user data privacy across the EU nations, the GDPR introduces new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations are located. On this page, we explain how we help our customers comply with the GDPR.
- GDPR COMPLIANCE
- SECURITY INFRASTRUCTURE STANDARDS AND CERTIFICATIONS
- INTERNATIONAL DATA TRANSFERS
The GDPR’s updated requirements are significant, and our global team has adapted Otixo’s product offerings, operations and contractual commitments to help customers comply with the regulation. Measures we have implemented include:
- Investments in our security infrastructure and certifications
- Updates to relevant contractual terms
- Support for international data transfers by executing Standard Contractual Clauses
- Offering data portability and data management tools, including:
  a. Import and export tools. Businesses and organizations may access, import, and export their Customer Data using Otixo’s tools.
  b. Profile deletion tool. Helps customers respond to user requests to delete personal information, such as names and email addresses, from an Otixo account.
  c. Workspace settings center. See your workspace’s plan and settings, or contact an admin who controls the workspace.
We also monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and update our product features and contractual commitments accordingly. We’ll provide you with regular updates so that you’re always current.
OUR SECURITY INFRASTRUCTURE AND CERTIFICATIONS
Protecting our customers’ information and their users’ privacy is extremely important to us. As a cloud-based company entrusted with some of our customers’ most valuable data, we’ve set high standards for security. We fulfill internationally recognized security standards (e.g. SOC 2 and SOC 3 from the American Institute of Certified Public Accountants, ISO 27001 - information security management system, ISO 27017 - security controls for the provision and use of cloud services and ISO 27018 - for protecting personal data in the cloud).
Otixo has invested heavily in building a robust security team, one that can handle a variety of issues — everything from threat detection to building new tools. In accordance with GDPR requirements around security incident notifications, Otixo will continue to meet its obligations and offer contractual assurances.
To comply with E.U. data protection laws around international data transfer mechanisms, we fulfill the requirements of the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield. These frameworks were developed to establish a way for companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
In addition, we offer European Union Model Clauses, also known as Standard Contractual Clauses, to meet adequacy and security requirements for our customers who operate in the E.U.
Fulfilling our privacy and data security commitments is important to us. So we’re glad to comply and help you comply with the GDPR. If you have any questions about your rights under the GDPR as a User or how Otixo can help you with compliance as a Customer, we hope you’ll reach out to us at firstname.lastname@example.org