Our Commitment to the GDPR

Disclaimer: This article is not a legal advice regarding the GDPR. This article is only meant to provide an overview about the GDPR and about the implications and initiatives at EASI’R in that regard.

For us at EASI’R, data security and protection has the highest priority. 

The GDPR (General Data Protection Regulation) is a European regulation made to strengthen and unify data protection laws for all individuals within the European Union. The GDPR aims to give individuals control over their own personal data.

We at EASI’R welcome this law, and consider it as an essential step regarding the unification of data protection regulations in the EU.

The GDPR will become effective and enforceable on the 25th May 2018.

Our commitment: 

At EASI’R, we have always taken data protection very seriously and in 2016 were ISO 27001 certified. The GDPR encourages the use of certification schemes like ISO 27001, and in October 2017, we passed the ISO re-certification process.

To ensure compliance with the GDPR, we are following a clear, detailed plan that has been prepared together with lawyers and external consultants, in order to meet the due date in May 2018.

GDPR implications for EASI’R customers

Compliance with the GDPR requires a partnership between EASI’R (Loyalty Factory GmbH) and our customers regarding their use of our services. EASI’R will comply with the GDPR regarding our services to our customers, including contracts, documentation, and product.
Depending on your situation and jurisdiction, please consider the following aspect:

Ensure that your Terms of Service or Privacy Policy clearly and correctly communicate to your users how you are using EASI’R on your website or app. The GDPR can heavily penalize you if you are not fulfilling this requirement properly. We suggest that you review your policies with this in mind.

Please note that we can not provide an overview of all the changes that we can foresee that might affect you, as a result of using EASI’R.

EASI’R GDPR documentation

As we approach May 2018, EASI’R is focused on enforcing GDPR compliance efforts. During the implementation period, we will have identified all new requirements imposed by the GDPR and will make any adjustment necessary to ensure that we handle customer data in compliance with the regulation by May 2018.

Below you can find a condensed version of our GDPR Roadmap and current status. All steps have been made in close collaborations with lawyers and consultants.

May 2017: Identifying all areas of our product and our business impacted by the GDPR and developing a strategy to implement the adjustments – COMPLETE

October 2017: Adjustment of our Data Protection Agreement – COMPLETE

November 2017: Adjustment of legal documentation to reflect any product changes and include the mandatory processor provisions required by the GDPR (article 28)

December 2017: Perform the necessary changes/improvements to our product based on the requirements – COMPLETE

February 2018: Implement the required changes to our existing ISO 27001 internal processes and procedures required to achieve and maintain compliance with GDPR – COMPLETE

March 2018: Testing of all changes to verify and validate compliance with GDPR

April 2018: Finalization

Contact us regarding the GDPR 
Please do not hesitate to reach out to us if you have any further questions regarding EASI’R & the GDPR. Just get in touch via gdpr@easir.com and we will be happy to clarify your questions.