The General Data Protection Regulation ("GDPR") is a new privacy regulation that replaces the EU Data Protection Directive ("Directive 95/46/EC"). It aims to harmonize data protection laws across EU by implementing a regulation directly applicable in each EU Member State. It creates new protections for EU data subjects’ fundamental right to privacy and implements significant fines for non-compliant businesses, thereby allowing EU data subjects to better control their personal data.
The information we collect allows us to:
GDPR applies to any company established in the EU – whether or not the actual processing takes place in the EU, and to any company (not just in the EU) processing personal data belonging to EU subjects in relation to offered goods, services or monitoring behaviour.
Personal data means any information that relates to an identified or identifiable natural person. Examples of personal data includes identifiers such as IP address, location data or unique online identifiers. For a comprehensive list of what is considered personal data under the GDPR, please refer to Article 4(1).
Cirillo Consulting GMBH security and legal teams analyzed our entire platform, services and business practices to strengthen our commitment to data protection, which includes:
All these processes take place under the governance of Cirillo Consulting GMBH Data Protection Officer.
Since customers have control over the data that is sent to our hosted services, all customer data is assumed to potentially contain personally identifiable information (PII) and is secured accordingly. Cirillo Consulting GMBH may also collect EU personal data for other purposes, as outlined in Cirillo Consulting GMBH Privacy Policy.
Cirillo Consulting GMBH uses hosting facilities located in the Germany. Cirillo Consulting GMBH participates in the EU-US Privacy Shield and Swiss-US Privacy Shield Frameworks in order to ensure that EU personal data is transferred in accordance with GDPR.
Cirillo Consulting GMBH acts as a processor when processing data from its customers.
Yes. Cirillo Consulting GMBH understands that its customers handling EU personal data need to implement appropriate safeguards to ensure that the processing of personal data is secure. Cirillo Consulting GMBH DPA is available upon request for all cloud customers. To obtain a copy, please reach out to your sales contact, as mentioned on your order form.
EU citizens have the right to request a copy of their data, as well as having their data updated, deleted, restricted, or moved to another organization without hindrance. By design, Cirillo Consulting GMBH allows customers to automatically address these requests, through self-service, by adjusting the data in the customer's source systems that are indexed by Cirillo Consulting GMBH.
Our customer's documents are constantly being refreshed in their Cirillo Consulting GMBH index. If the data about a data subject is deleted or modified from the customer's source system, it will automatically be replicated on this customer's Cirillo Consulting GMBH index.
Disclaimer: This page is intended to provide helpful guidance to our customers regarding GDPR and not to provide a comprehensive solution or legal advice.