Legal
The European Union’s General Data Protection Regulation went into effect on May 25, 2018, with an aim to protect the rights of EU citizens as it relates to the collection, storing, processing, tracking, and use of the personal data of these citizens. The United Kingdom followed with the UK General Data Protection Regulation, which went into effect on 1 January 2021. As part of our commitment to our customers, as well as our commitment to the regulatory system in which we operate, we have continually striven to not only comply with the above Regulations – we have attempted to apply a gold standard.
The protection of our customers and their data (personal or commercial) is something we take very seriously here at Ansarada, and considerable action has been taken to ensure we are up to speed with any new developments as they have arisen. In June 2020, the European Union’s top court invalidated the Privacy Shield, which had previously facilitated data transfers between the EU and the USA. In June 2021, the European Commission released highly anticipated new Standard Contractual Clauses for cross-border data transfers. The operation of the United Kingdom’s regulations continues to evolve. With every development, we have been ready – and have demonstrated a consistent commitment to the protection of our customers and their data.
At Ansarada, we adhere to the principles expressly stipulated by the EU and the United Kingdom legislation (collectively, GDPR). All personal data collected by Ansarada shall be:
Due to the sensitive nature of the data that passes through our products, security and privacy have always been paramount at Ansarada. Whilst the GDPR imposed certain changes, the requirements did not represent a material change to the processes and clear safeguards we had previously established.
With that said, our Product, Marketing, Legal and Compliance teams have all worked together to ensure we continue our existing approach of “Privacy by Design” and apply that to the changing laws for the protection of our customers. Other areas we have, and continue to address as part of our GDPR compliance include:
We have proudly maintained ISO 27001 certification since 2009 - the gold standard for information security management.
We apply the same rigorous standards to any data we process and store, regardless of the privacy regime that applies to that data. We acknowledge the security of your data is of paramount consideration to you, and therefore we have implemented a ‘first-in-class’ privacy and security program that utilises the most robust technology and standards available.
We have also developed and implemented documented processes for escalating and reporting breaches, and continue to invest upon, and improve these in line with our ISO 27001 certification requirements, and in line with best practice.
Ansarada data is hosted on the Amazon Web Services (AWS) platform, whose infrastructure guarantees the following data security:
AWS holds the following information security certifications, so as to ensure information processing and storage by Ansarada occurs pursuant to ‘first in class’ standards:
Ansarada supports single sign on and multi-factor authentication.
Whilst any European / United Kingdom Data Protection Terms that you agree to as part of our Terms of Service do specifically reference the most in date Standard Contractual Clauses, if you do require a Data Protection Agreement (DPA) or if you would otherwise like to discuss our GDPR status further, please contact our legal and compliance team on the following: [email protected]. Alternatively, you are welcome to discuss any concerns directly with our Data Protection Officer, Chris Bullock, on the following: [email protected]