GDPR Information

Alvaria Preparations for the EU’s General Data Protection Regulation

On May 25, 2018, the EU’s General Data Protection Regulation (GDPR) became effective, replacing existing EU data protection laws based on the 1995 EU Data Protection Directive. The GDPR strengthens privacy rights for EU individuals and extends the scope of responsibilities for businesses processing personal data of EU individuals.

Alvaria has taken the steps necessary to comply with the legislation and equipped our customers to do the same by the May 25th effective date.

Under the direction of Alvaria’s global GDPR project team, Alvaria closely analyzed the requirements of the GDPR and is made the necessary modifications to its products and services, contracts, and documentation to support GDPR compliance for our customers.

Alvaria conducted a full information audit and data mapping exercise covering all personal information on data subjects processed by Alvaria in its role as controller and processor. This effort included all processing activities undertaken by Alvaria by itself and on behalf of customers through Alvaria’s products and services. The level of detail included, but was not limited to, the purposes of processing, data subjects, categories of personal data, lawful bases for processing, location of data and retention periods.

Product-Specific Guidance

Alvaria will provide product-specific guidance during the first half of 2018 (extending through Summer 2018) as our product delivery teams continue their assessments and implementations of GDPR’s data protection principles, program build requirements, and response mechanisms for data subject’s rights under GDPR.

Access to this documentation will be made available within the Alvaria Customer Care Community.

GDPR Page Image

Commonly Asked Questions

This FAQ focuses on typical questions asked by Alvaria customers when considering the implications of GDPR on their use of Alvaria’s products and services that involve processing of personal data.

Will Alvaria update current customer contracts to include language outlining its obligation under the GDPR mandate?
Are Alvaria customers outside the European Economic Area (EEA – a trade-free zone that is distinct from, and larger than, the EU) affected?
Will Alvaria require customers to update or modify their Alvaria products in order to remain compliant with GDPR?
Will Alvaria provide guidance on a product-specific basis in addition to the general announcement distributed that outlines the steps Alvaria is taking to prepare for GDPR?
Will Alvaria proactively contact customers to help guide them through new data protection requirements?
Will Alvaria charge a fee for any services they provide customers regarding supporting GDPR compliance?
What should customers do right now?
Does Alvaria provide “technical and organizational security measures”?
Are channel partners subject to changes in their agreements with Alvaria?
Where does Alvaria process EU personal data?
What kind of sub-processors does Alvaria engage and how will Alvaria notify customers of any change?
Whom at Alvaria should customers contact with particular questions about GDPR compliance at their organizations?

These FAQ’s are provided for the purposes of information only and do not provide legal advice. Aspect therefore encourages customers to seek legal advice about the legal permissibility of the processing of personal data by customer by way of using Aspect’s products and services.

Click here for a downloadable version of the above FAQs.

What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. GDPR will come into effect across the EU on May 25, 2018.

Read more: General Data Protection Regulation (GDPR) Definition | Investopedia