General Data Protection Regulation (GDPR) is a data privacy regulation that becomes enforceable on May 25, 2018.
GDPR covers the protection of Personal Identifiable Information (PII) of EU citizens that is processed, stored, and managed by organizations and/or exported outside of EU.
Keeping customer data private and safe is of paramount importance for Birdview PSA. Were currently assessing processes and systems and reviewing current product features in order to implement necessary changes. Birdview PSA will comply with all applicable requirements of the GDPR by the May 25, 2018 deadline.
In regards to GDPR classification, the Birdview PSA platform is considered to be Processor. Customers of the Birdview PSA application are classified as Controller.
What were doing
- We are reviewing all vendors who act as sub-processors for the Birdview PSA data to ensure GDPR-compliance by May 25, 2018, including but not limited to reviewing data collection, data disposal and general business practices.
- We are reviewing and updating our policies and business practices to ensure compliance.
- Work with other leading technology firms to implement best practices.
Q: Data Storage – Where do you host data?
A: Birdview PSA uses Microsoft Azure for hosting our application, and service is delivered from data centers located in the United States, Europe and Canada. Microsoft Azure offers the most comprehensive set of certifications and attestations of any cloud service provider, including:
- ISO 27007
- PCI DSS
- SOC 1,2,3
- UK G-Cloud
By May 25th 2018 all accounts for our European clients will be moved the datacenter within EU. You can read more about our data center for additional details.
Q: What Personally Identifiable Information (PII) is currently stored within Birdview PSA?
A: Birdview PSA requires the name and email address of an individual to create a user profile associated with the overall Customer Account. Users and/or Customers may add additional PII to their profile at their discretion. Birdview PSA has no direct visibility to any other PII data store in the platform by the Individual User and/or Customer.
Q: Can PII be removed from Birdview PSA?
A: As a Processor: Yes, we have policies in place to verify with the Controller of the data PII removal request and either remove or anonymize the data within the regulated timeframe.
As a Controller: As a business, Birdview PSA collects PII data from our Prospects and Customers (acting as Controller). Internally, we have processes, policies and procurements related to the access, storage and removal of PII data within our systems. Questions related to our Data Protection and Privacy policies, including requesting removal, can be directed to [email protected].
Q: Where can I learn more about GDPR?
A: You can find more information on the GDPR website https://gdpr.eu/.
We will keep you updated as we continue to fulfill our privacy and security commitments. We will use this page to communicate how we are progressing with our GDPR-related efforts as soon as new information becomes available. If you have any questions about how Birdview PSA will comply with the GDPR, please reach out to us: [email protected].