- Knowledge Base
What is the GDPR?
The General Data Protection Regulation (GDPR) is a regulation in the European Union (EU) designed to strengthen and unify privacy and personal data protections for all individuals within the EU.
Who does the GDPR affect?
The GDPR not only applies to organizations located within the EU, but also organizations located outside of the EU that offer goods or services to, or monitor the behaviour of, individuals within the EU. It applies to all companies processing and holding the personal data of individuals residing in the European Union, regardless of the company’s location.
What constitutes ‘personal data’? Any information that can be used to directly or indirectly identify a person. It can be anything from a name, a photo, an email address, or bank details to posts on social networking websites, medical information, or a computer IP address.
Duda & the GDPR
Duda takes seriously personal data protection and the right to privacy online and welcomes this latest EU regulation to strengthen and unify these protections for individuals within their jurisdiction. Duda has completed a thorough review of the legal and technical impacts of the GPDR to ensure compliance and make any required adjustments to our products, services, and documentation, and ensure compliance with the GDPR. This will give Duda customers more control over their personal data and provide the necessary tools to protect the information of visitors to Duda websites.
Duda will be fully compliant with the GDPR by May 25, 2018.
What specific actions has Duda taken to prepare for the GDPR?
- In addition to our own legal, operational, and technical reviews, we are working with external cybersecurity consultants and legal experts to map the steps Duda is required to take to ensure we are fully compliant with the GDPR before the May 25, 2018 deadline.
- We are conducting a security audit to make sure all of our security measures and protocols are fully GDPR-compliant.
- We are reviewing Duda’s organizational policies, especially our data security and data privacy policies, to ensure they cover what is required by the GDPR. We are also working with our staff to increase awareness of the need for strong data security and privacy practices across the entire company. This is an ongoing process and we see it as a key factor to our success in this project.
- Duda is documenting and developing any operational procedures required to support an individual’s right to review any of their private data we store, the right to be forgotten, etc.
- We are working with our vendors to learn about their GDPR-readiness plans and updating data processing agreements as needed.
- While the deadline for GDPR compliance is May 25, the broader topic of data security is a long-term commitment rather than a one-off project. Duda remains committed to data security and privacy and we will ensure our customers are protected in an ever-changing landscape of regulation and real-world threats.
How do I submit GDPR-related questions, concerns, or issues to Duda?
If you have questions about Duda and the GDPR, or wish to report a related issue, please contact Duda support as soon as possible via email by visiting our support portal and marking ‘General Help’ in the drop down.