User Tools

Site Tools


privacy_data_protection_and_gdpr

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
privacy_data_protection_and_gdpr [2018/05/31 11:08] lucyprivacy_data_protection_and_gdpr [2018/08/27 10:28] lucy
Line 1: Line 1:
-===== GDPR ===== +===== PRIVACY =====
- +
-There are several important factors that cloud users need to consider in relation to the GDPR when serving to European customers:+
  
   * **Where is LUCY storing and processing data?** This information can be obtained by finding out where the data is being hosted. Lucy can be installed On-Site or on a cloud server. If installed on a cloud server, all data is stored on that specific server.   * **Where is LUCY storing and processing data?** This information can be obtained by finding out where the data is being hosted. Lucy can be installed On-Site or on a cloud server. If installed on a cloud server, all data is stored on that specific server.
Line 7: Line 5:
   * **Where is data sent?** It’s also important to remember that data can be moved around between an app’s different data centres. That depends on the feature used in LUCY. As you can see in [[network_communication_-_lucy_--_internet|this chapter]], LUCY uses some connections to centralized servers (e.g. update server). But no personlized infomation that falls under GDPR ever gets transmitted.   * **Where is data sent?** It’s also important to remember that data can be moved around between an app’s different data centres. That depends on the feature used in LUCY. As you can see in [[network_communication_-_lucy_--_internet|this chapter]], LUCY uses some connections to centralized servers (e.g. update server). But no personlized infomation that falls under GDPR ever gets transmitted.
  
-  * **Data processing agreement**: Once a user knows that LUCY is being used in their organisation, they should close a data processing agreement (could be mailed to the users as part of the awareness campaign) with the client to make sure they follow the GDPR’s data privacy protection requirements. In this agreement, it’s important to specify that the application only collect the personal data necessary for the cloud to function. But there should be limits on the ‘special’ data (information revealing religion, race, political persuasion etc.) collected. This can be controlled with the [[add_mail_recipients|attributes in the recipient list]].+  * **Data processing agreement**: Please visit this [[company_application_and_data_security|chapter]]
  
  
privacy_data_protection_and_gdpr.txt · Last modified: 2019/07/25 12:50 by 127.0.0.1