WHAT IS THE GDPR?
The EU General Data Protection Regulation (GDPR) is a new, comprehensive data protection law that updates the EU’s existing data protection regime to strengthen the protection of EU residents’ personal data in light of rapid technological developments, increased globalization, and more complex, international data flows. It replaces the patchwork of national data protection laws currently in place with a single set of rules, which will help harmonize data protection law across the EU (and the European Economic Area (EEA)) by removing the need for national implementation.
The GDPR, which was adopted in 2016 and went into force on May 25, 2018, applies to organizations established both in and outside the EU that process EU residents’ personal data.
For more information about the GDPR, please visit the European Commission’s GDPR webpage.
Smartlook Analytics and the GDPR
As part of Smartlook Analytics's ongoing commitment to transparency, accountability and the responsible stewardship of the personal data that we handle, our GDPR team has focused on identifying and addressing GDPR readiness priorities across Smartlook Analytics diverse products and businesses. To accomplish this, the team developed and managed various work streams across all of Smartlook Analytics’s business lines.
Some of the specific steps we have taken to prepare for the GDPR include:
Assessing our data processing activities to ensure that data protection is “baked in” to our products and services
Documenting our data processing activities and data flows
Updating our privacy notices to meet the GDPR’s transparency requirements
Implementing processes to give effect to the new and broader rights of data subjects under the GDPR (i.e., the “right to be forgotten” and right of data portability)
Reviewing and updating our vendor/supplier agreements to ensure that personal data is adequately protected
Enhancing our internal incident response and escalation processes