Helpfordesk & the GDPR
For Helpfordesk, security is a big concern. Learn how Helpfordesk is commited to the GDPR and what you have to do to comply with the law.
General Data Protection Regulation
On 25 May 2018, European data protection legislation (GDPR) replaces the 1995 EU Data Protection Directive. The GDPR strengthens the rights that individuals have regarding personal data relating to them and seeks to unify data protection laws across Europe, regardless of where that data is processed.
This document contains the measures and commitments that Helpfordesk.com provides and guarantees to the customers in order to meet GDPR compliance .
What are your responsibilities?
Helpfordesk.com customers act as the data controller for any personal data they provide to Helpfordesk.com in connection with their use of Helpfordesk.com’s services.
Data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller. Compgate ltd. is a data processor and processes personal data on behalf of the data controller when the controller is using Helpfordesk.com Cloud Platform.
Data controllers are responsible for implementing appropriate technical and organizational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Controllers’ obligations relate to principles such as lawfulness, fairness and transparency, purpose limitation, data minimization, and accuracy, as well as fulfilling data subjects’ rights with respect to their data.
Data controllers are required to only use data processors that provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the GDPR. Here are some aspects you may want to consider when conducting your assessment of Helpfordesk.com services.
What can you do?
You can count on the fact that Helpfordesk.com is commited to GDPR compliance.
We are also committed to helping Helpfordesk.com customers with their GDPR compliance by providing robust privacy and security protections built into our services over the years.
To comply with GDPR, data controllers need to formally aproved a legal agreement with data processors.
For Helpfordesk.com, protection of user private data and data processing agreement is aproved between customers and Compgate ltd. (creator of Helpfordesk.com). The contract creation is available below.
How Helpfordesk.com is commited to the GDPR?
- Helpfordesk.com stores data in secured datacenters certified by DIN ISO/IEC 27001.
- Helpfordesk.com doesn’t use any sub-processors besides the necessary server hosting and infrastructure providers to process any of customer’s data.
Helpfordesk.com never shares any of the inputted data with 3rd parties. The only exception are the exports initiated by the customer.
- Helpfordesk.com allows the customer to export data to certain government, or to other systems (security hardware, accounting systems and similar). This only happens on a direct request of the customer – i.e. by pressing special export button and only the prescribed data are exported.
- Helpfordesk.com guarantees the right to be forgotten. Upon request all the data inputted by the customer will be removed
- Helpfordesk.com has procedures in place that will remove the data inputted by the customer after the customer cancels the service.
- Helpfordesk.com guarantees data portability. All the data inputted by the customer can be exported if the customer wants to transfer them to other service.
- Helpfordesk.com data are regularly back-up and Helpfordesk.com uses secured data centers to store data backups.
- Helpfordesk.com technicians signed confidentiality agreement that addresses responsibilities and expected behavior with respect to the protection of information.
- Helpfordesk.com uses tiered support levels. By default, Helpfordesk.com technicians do not see the personal data inputted by the customer.
- This access is only activated when needed for specific support and maintenance incidents.
- Helpfordesk.com collects aggregate statistical data. These data are used to improve the quality of service.
- Helpfordesk.com implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk to secure the data and to secure the communication between customer and Helpfordesk.com service
- Helpfordesk.com platform is data redundant, all your information is instantly replicated to two physical computers.
- Helpfordesk.com uses encryption to protect data in transit. HTTPS is activated by default for all users.
- We scan for software vulnerabilities using a combination of commercially available and purpose-built in-house tools. In case of data breach, we will immediately notify the school and conduct the necessary actions to mitigate the possible negative consequences.
- Helpfordesk.com has built it user right system, data controller can assign various user rights to different user roles to make sure only the relevant people can see or modify your data.
- Most important modules have built in history of changes, for every change it can be traced which user and when has made this change.
- Helpfordesk.com stores logfiles of the user activity for security purposes. Our technicians will assist you in security incidents analysis i.e when someone steals password of other users. All logfiles are permanently deleted after 12 months.
- Helpfordesk.com uses Google analytics service to gather the statistics about Helpfordesk.com usage. Statistical information about Helpfordesk.com usage is thus available to Google.
- Helpfordesk.com uses Google cloud services(mainly for push notification service)
- Helpfordesk.com uses Apple cloud services(mainly for push notification service)