Need to join a meeting?

GDPR Compliance Statement

Updated on January 3, 2019

What is GDPR

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU) and is enforceable from May 25 2018 and requires no enabling legislation so automatically becomes binding and applicable on that date.  The GDPR imposes new obligations on organizations that control or process relevant personal data and introduces new rights and protections for EU data subjects.

 

The GDPR applies to data processing carried out by organizations operating within the EU. It also applies to organizations outside the EU that offer goods or services to individuals in the EU.  InMoment Software Inc. is a data processor for client data entered into our application, and is a data controller for client information entered into our systems when signing up to our services.

Commitment

We are committed to the principles outlined in the GDPR and particularly to the concepts of privacy by design, the right to be forgotten, consent and a risk-based approach. In addition, we aim to ensure:

  • transparency with regard to the use of data   
  • that any processing is lawful, fair, transparent and necessary for a specific purpose    
  • that data is accurate, kept up to date and removed when no longer necessary
  • that data is kept safely and securely

Right to be Forgotten

InMoment Software Inc., the makers of the MeetingPulse interactivity software specifically recognizes the right to erasure, also known as the right to be forgotten, laid down in the GDPR. Individuals should contact [email protected] with requests for the deletion or removal of personal data. These will be acted on provided there is no compelling reason for continued processing and that the exceptions set out in the GDPR do not apply. These exemptions include where the personal data is processed for the exercise or defense of legal claims and to comply with a legal obligation for the performance of a public interest task or exercise of official authority.

Our GDPR Actions

We have reviewed the stance of our hosting providers and third party processors for the customer data where we are data processors.  We ensure that they comply with PrivacyShield/SafeHarbor provisions.

We maintain industry standard security practices to protect the data we process, including, but not limited to:

  • Two factor authentication
  • Software firewalls
  • Vulnerability scanning

  • Robust privacy and security policies

For more information, and how we use data, please refer to our Privacy Policy.

If you have any questions about our GDPR compliance, please contact Aaron Lifshin at [email protected]