On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect for all businesses that operate in the European Union (EU), regardless of where they’re located. The introduction of this legislation means that there is now one set of data protection rules for the entire EU.
The goal of the GDPR is to give people more power over their personal data and ensure all businesses benefit from a level playing field. With recent issues around the world involving personal data, many suggest that this the most important data privacy regulation in the last 20 years.
Personal data is defined as information that relates to a living individual, not legal entities. The GDPR lays out detailed rules that organizations must abide by when dealing with personal data. There are different rules for organizations that collect personal data as a core business activity, and for those that do not.
At Latitude Geographics, we do not collect personal data as a core business activity. We only collect personal data that is required by law and necessary to help deliver the best experience possible to our customers. We have always followed a minimalist approach when it comes to personal data collection.
How we comply with the GDPR
All personal data collected by Latitude Geographics is stored and transferred by Privacy Data Shield certified companies, as provided by the European Commission on the adequacy of the EU-US Privacy Shield.
Master License Agreement
Our Master License Agreement, which governs the use of all Geocortex products, has also been reviewed and updated to comply with the GDPR.
You can find the updated version of our Master License Agreement here.
Based on our previous compliance work for Canada’s Anti-Spam Legislation (CASL) in 2014, Latitude already had in place industry standard protocols for customers to subscribe and unsubscribe, review preferences for receiving marketing materials and newsletters, and to access and update their preferences. We always ensure that we track consent, and monitor unsubscribe requests automatically.
As we continue to release new Geocortex Essentials 5-series products (most of which have SaaS offerings and require some level of personal data to access the products), we’ll continue to review our processes to determine situations where explicit opt-in consent may be required.
The Geocortex reseller network
While there are some customers we work and communicate with directly, most of the communication with our customers in Europe is managed by our network of Geocortex resellers.
We’re lucky to have amazing local knowledge throughout the European Union to help deliver an exceptional experience with Geocortex products and services; like us, each of our resellers has been working to comply with the new legislation.
Here’s some places you can find more information about our resellers in Europe, and how they manage personal data to comply with the GDPR:
- SIGGIS: SIGGIS serves Geocortex customers in Belgium and France. You can learn more about SIGGIS’s policies around personal data collection and management in their disclaimers and privacy policies (Belgium, France).
- Geoinfo: Geoinfo works with clients in Denmark to deliver Geocortex products and services. To learn how Geoinfo manages personal data, you can read more here or send questions to firstname.lastname@example.org.
- Esri Portugal: Esri Portgual acts as the reseller for both Geocortex and Esri products in Portugal. To learn more about how Esri Portugal collects, stores, and manages personal data, you can find all of their contact details here.
- Geodata: Geodata delivers Geocortex products and services in Norway. You can find information about how Geodata collects and uses information about users of their website and services in their Privacy Statement.
- Vitkovice: Vitkovice supplies Geocortex to customers in the Czech Republic, Slovakia, and Poland. You can find Vitkovice’s information on processing personal data here, last updated on May 23, 2018.
At Latitude Geographics, we’re committed to protecting your data and only collecting what’s necessary to operate our business and provide you with the best experience possible. Over the coming months, we’ll continue to monitor the GDPR and review our data collection and management processes to ensure they remain compliant with emerging regulations.
If you have any questions about the GDPR or how we handle personal data, please contact us at email@example.com.