GDPR - Cloud Coach

Cloud Coach is committed to best practices regarding your privacy. On 25 May 2018, the data privacy landscape will change as authorities from the European Union (EU) will begin enforcing the General Data Protection Regulation (GDPR). The GDPR expands and protects the rights of individuals and increases the obligations on businesses that collect personal data about individuals in the EU. The GDPR protects all EU citizens, no matter where the business is located.

In order to support the regulations set forth in the GDPR, Cloud Coach is actively implementing GDPR processes.

Here is additional information about GDPR.

What is the GDPR?

The General Data Protection Regulation is a fully re-written and updated data protection law for the European Union. It was created to simplify the current disparate laws across the EU that handle data privacy into a single regulation. This supports the EU’s digital single market strategy and strengthens the rights of individual citizens to control how their data is used.

What does the GDPR regulate?

GDPR focuses on how companies process personal data – meaning how companies use, store, collect and transfer personal data of an individual “in the EU” must comply with the law – not just EU citizens or businesses located in the EU.

What is personal data?

Personal data covers any information related to an identified or identifiable individual (also called a “data subject”). Personal data includes any type of identifiable information, including gender, phone number, email address, mailing address, and online habits.

What does the GDPR change?

The GDPR provides expanded rights to individuals in the EU and increases the obligations on organizations. Some of the key changes are:

Rights: The GDPR provides enhanced rights for individuals in the EU including portability, restriction, and deletion of personal data.
Accountability: To comply with GDPR, organizations must implement appropriate policies, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with suppliers to protect personal data.
Profiling and monitoring: Organizations that profile or monitor behavior of individuals in the EU have additional obligations under GDPR.
Security: Organizations must have technical and organizational measures to secure personal data, including measures such as pseudonymization and anonymization.
Data breach notification: The GDPR requires organizations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects.
Enforcement: Authorities can fine organizations up to the great of €20 million or 4% of a companies annual global revenue, based on the seriousness of the breach and damages incurred.
One stop shop: The GDPR introduces the concept of a lead supervisory authority to allow organizations operating in many EU countries to work with one data protection authority rather than many for matters such as cross-border data protection issues and enforcement.

Does EU personal data have to stay in the EU?

No, under GDPR, EU personal data does not have to stay in the EU. It does not place any new restrictions on transferring of personal data outside the EU.

Where do I go to find out more?

For more information on the GDPR, you can visit the official EU GDPR website.

Cloud Coach & GDPR

Cloud Coach sees the GDPR as an important step toward consolidating and streamlining data protection law across the EU. We see GDPR as an opportunity to reinforce our commitment to data protection. Compliance with the GDPR requires a partnership between Cloud Coach, our suppliers in providing services to support our business, and our customers in their use of our services.

At Cloud Coach, we are committed to complying with the forthcoming GDPR. We have looked at the requirements closely and we are working on the updates needed in our contracts, documentation, and processes to support our compliance with the GDPR.

Cloud Coach is the only project management solution that is 100% native on the Salesforce Platform that offers four tiers of solutions to meet any business need. Salesforce is highly committed to GDPR compliance. Trust is the number one value for Salesforce and Cloud Coach – nothing is more important to both companies than the protection of our customers’ data.

Cloud Coach's Commitment to Data Protection

Cloud Coach is committed to the success of our customers and the protection of our customers’ data. Cloud Coach’s security overview describes the architecture and infrastructure of our services, the security- and privacy-related audits and certifications we inherit from Salesforce, and applicable administrative, technical, and physical controls material to our services.

To learn more about Cloud Coach’s commitment to privacy of personal data, please see our Privacy Policy. To request access to your personal data under GDPR, please complete this form.