GDPR's Here. Alpin Can Help.
Do You Have Customers, Vendors, or Partners in the EU?
The General Data Protection Regulation (GDPR) impacts how companies manage personal data. GDPR applies to “personal data” of EU residents, no matter where you are located.
If you — or your vendors — have personal data about even one resident in the EU, you are subject to the GDPR.
GDPR's Broad Scope and Heavy Fines
The EU defines “personal data” very broadly defined as "any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”
Violating GDPR can result in significant penalties: €20 million or 4% of revenue, whichever is higher.
Use Alpin For To Help With GDPR Compliance.
Save Time, Reduce Effort
Identify and prioritize vendors that process personal data that you control.
Alpin already lists your cloud application vendors and links to each company's public statements on GDPR.
Contact those vendors to request information on their compliance status.
Reach out directly or view the owner of that vendor relationship and ask them to handle it for you.
Provide reports that demonstrate due diligence and highlight stats around GDPR-ready vendors.
Tag and report on vendors that have passed your audits. Analyze spend, user stats, and more around compliant, non-compliant, and exempt vendors.
New To GDPR? Check Out Our Popular Posts On The Topic
Why Care About Your Vendors' GDPR Compliance?
Increasingly, companies rely on third party vendors to collect, process, and store personal data, such as:
• Website software that records IP addresses, visitor behavior, “contact us” forms, etc.
• Marketing and sales CRM databases, including email service providers
• Other spreadsheets, databases and documents that contain personal information
These companies are "data processors" of the personal information of your customers, and you are held responsible for any GDPR clause they may violate.