General Data Protection Regulation (GDPR)
The General Data Protection Regulation or GDPR is a European Union regulation that is aimed at protecting personal data of EU citizens. It replaces the existing Data Protection Directive 95/46/EC and comes into effect on May 25th, 2018. GDPR consolidates the data privacy laws across the EU region into one single regulation.
Any company, be it EU or non-EU based, which processes personal data of EU individuals comes under the scope of GDPR. For more details on the EU's GDPR, visit: https://gdpr.eu/
Personal data - The GDPR defines personal data as “Any information related to a natural person or 'Data Subject', that can be used to directly or indirectly identify the person. It can be anything from a name, photo, email address, bank details, posts on social networking websites, medical information, or computer IP address.”
Data processor and a data controller - According to the GDPR, “A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.”
RemotePC's responsibilities under GDPR:
RemotePC is committed to ensuring that our company and solutions meet the highest standards of data security and privacy, including compliance with the European Union's GDPR. RemotePC also aligns with the EU-U.S. Data Privacy Framework and the Swiss – U.S. Privacy Shield Framework.
RemotePC is also a self-certified company for compliance with the EU-US Privacy Shield Framework (https://www.remotepc.com/dpa & https://www.remotepc.com/privacy_policy).
All necessary technical measures to ensure personal data is protected.
All data transferred to RemotePC is encrypted during transit and at rest, and is not processed by RemotePC for any purpose other than as agreed upon in our terms and conditions.
We continue to evaluate industry standard practices with respect to data privacy and information security and strive to continuously meet or exceed those standards.
Right to Erasure is the right to have all personal data removed from our systems upon request. To exercise this right, please contact our support team to begin the process of verification and data removal.
Data Processing Addendum ("DPA") forms part of IDrive Inc.’s Terms of Service Agreement or other electronic agreements or mutually executed agreement between RemotePC and Customer ("you" and "your") applicable to Customer’s use of RemotePC Services (the "Agreement") and reflects the Parties’ agreement with regard to Processing Customer Personal Data.
Customer's responsibilities under GDPR:
RemotePC strives to be a valuable resource and provide support to our valued partners and clients to help them achieve their own compliance with the GDPR. Compliance is your responsibility. Your obligations as the business customer and the data controller, have specific legal obligations under the GDPR. You should be confident that providers (data processors) you work with have a highly robust approach to data protection, understand the obligations of the GDPR and are well prepared to meet them.
RemotePC provides features you can use to meet your obligations under GDPR, but no provider can ensure GDPR compliance for you, nor can we dictate how or if you choose to be compliant.