In 2016, the European Commission approved and adopted the new law on the General Data Protection Regulation (GDPR), which came into force on 25 May 2018. The GDPR imposes strict rules on organizations of all sizes about how they regulate personal data collected by them. It applies both to European organizations that process the personal data of individuals in the EU and to organizations outside the EU that target people living in the EU. These regulations concern both data controllers and subcontractors.
Failure to comply with the GDPR can result in significant fines of up to 20 million euros or up to 4% of your company's overall turnover in the previous year, whichever is greater.
Data protection officer:
We have appointed a Data Protection Officer (DPO) to monitor all data collection and use activities. The DPO is in charge of training and educating Dataleon's internal teams to maintain the standards required by the GDPR in terms of security and confidentiality. The DPO should also report any non-compliant activity. You can contact our DPO at firstname.lastname@example.org for any questions or requests to create/update/delete your data.
You can contact our DPO at email@example.com for any questions or requests to create/update/delete your data. You can also manage all your personal data and that of your participants from your account.
Safety & faults
Our team makes every effort to strengthen our security policies in order to be in compliance. Here is what we are already doing in this direction:
- Data encryption
- Database backups
- Database encryption
- Use of HTTPS when encrypting data between the client and the server
- Databases in the EU
- 2FA authentication and role management for data access
- Computer encryption
- Systematic implementation of secure passwords
- Safety training
- 24/7 response time in case of emergency
Dataleon uses various third-party tools for marketing, statistical, and functional purposes. You can request access to our inventory to find out who these third parties are, their compliance, and what data we collect. All these third parties comply with the GDPR and have signed a data protection agreement with us.