Try it free
MENY
Book a demo
Try it free

GDPR and GetAccept

How you can prepare your organization to comply with GDPR

Scroll down to read more
Contact us

WHAT IS GDPR?

In short, GDPR requires that organizations that process personal data are responsible for the data they handle. GDPR also emphasizes increased transparency and transparency as well as the possibility for each individual to choose how the registered data should be saved.
 

WHAT DOES IT MEAN?

GDPR contains several requirements that benefit consumers by requiring increased control and transparency related to the personal data collected by organizations.

YOUR RIGHTS UNDER GDPR

The GDPR is the EU’s way of giving individuals, prospects, customers, contractors and employees more power over their data and less power to the organizations that collect and use such data for monetary gain.

GETACCEPT AND GDPR

How can GetAccept help my company to comply with GDPR?

WHAT IS GDPR?

General Data Protection Regulation ("GDPR")
The regulation is implemented in all local privacy laws across the entire EU and EEA region. It will apply to all companies selling to and storing personal information about citizens in Europe, including companies on other continents. It provides citizens of the EU and EEA with greater control over their personal data and assurances that their information is being securely protected across Europe.

 

What counts as personal data?
According to the GDPR directive, personal data is any information related to a person such as a name, a photo, an email address, bank details, updates on social networking websites, location details, medical information, or a computer IP address.

WHAT DOES IT MEAN?

GDPR contains several requirements that benefit consumers by requiring increased control and transparency related to the personal data collected by organizations. At the same time, there are significant fines for infringements - up to 4% of global revenue or a maximum of EUR 20 million. Important differences to the previous privacy policy are that it includes much stronger terms for consent and obligations for data processors and data collectors, where mandatory contract terms between the parties are required.


A big difference between the GDPR and the former Data Protection Directive PUL is that processing of personal data in unstructured material should be handled in the same way as structured personal data.

A big difference between the GDPR and the former Data Protection Directive PUL is that processing of personal data in unstructured material should be handled in the same way as structured personal data.

Unstructured data
Personal data in, for example, e-mail, documents, audio, film, on a blog such as running on websites should be handled in the same way as personal data in databases.

Privacy by Design
GDPR also requires organizations IT systems to be built from the ground up to incorporate the principles of data protection and privacy through design (Privacy by Design).

YOUR RIGHTS UNDER GDPR

 

  • The right to access –this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.
  • The right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.
  • The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
  • The right to be informed – this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.
  •  The right to have information corrected – this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.
  • The right to restrict processing – Individuals can request that their data is not used for processing. Their record can remain in place, but not be used.
  • The right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
  • The right to be notified – If there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.
 

GETACCEPT AND GDPR

Register and collect consent
In many cases, a consent is needed in order to be able to process data according to the GDPR. The consent needs to be specific, clear and be freely given and documented. GetAccept can improve your organizations ability to control these consents with a simple acceptance workflow. eSigning therefore makes it possible to lawfully process personal data.

Data Processing Agreement (DPA)
The GDPR states specific demands for agreements between Data Controllers and their Data Processors that are used to process the personal data that they are in control of. These agreements are called Data Processing Agreements and should always be handled if data is shared with third parties. GetAccept can simplify the process of maintaining, updating and signing these contracts and therefore accelerating your routines with your vendors. eSigning gives full visibility on the activities during the signing process and automatic reminders will help you to speed up the process.

 

Read more

Safe eSigning→

More about

eSigning →

Go to GDPR

Webinar →

Key features and benefits

EU Datacenter

All documents that are created by our customers can be stored within EU in the datacenter that is selected.

 

Secure Hosting

All data and documents are encrypted by default with AES 256-bit EV SSL encryption.

Encrypted communication

GetAccept has strict internal policys for accessing data. Only authorized have access to encrypted customer data.

 
 

Automatic data erasing

Automatic processes ensures that data is not stored for a longer period of time then what is lawful.

Tracking and export

GetAccept has advance search methods making it possible to export data to a readable format.

Data breach routines

GetAccept has clear processes and routines that protects your data and will inform concerned parties in the non-likely event of a data breach.