As of 25th May 2018 the General Data Protection Regulation (GDPR) went into force. At WaveCom we have always been committed to data privacy and security and we have taken all necessary steps to ensure GDPR compliance.
What is GDPR?
GDPR is the European Union regulation that replaces the Data Protection Directive and is aimed at strengthening and unifying data protection for all individuals within the European Union. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
What does GDPR change?
GDPR gives individuals the control over how their personal information is being collected, stored and used. Under GDPR individuals have the following rights:
The right to be informed – individuals will have the right to be given information about how their data is being processed and why.
In our website, customers can familiarize themselves with our privacy policies where we explain how their data is being used and why.
The right to access – individuals will have the right to obtain the confirmation as to whether or not personal data concerning them is being processed, where and for what purpose and to receive a copy of the personal data, free of charge, in an electronic format.
In our client area, registered clients have access to overview of their personal information stored by us. They can see all the information being collected along with its purpose. (Billing or non- billing). Billing data needed for invoicing needs to be stored for 7 years according to the Estonian law.
The right to data portability – individuals will have the right to receive the personal data concerning them, which they have previously provided in a ‘commonly used and machine readable format‘ and have the right to transmit that data to another controller.
Our self-service enables to easily download all personal information gathered in client profile to a JSON file with a single click of the mouse from My Account→ Overview section.
The right to be forgotten – individuals will have the right to have their personal data erased and to cease further dissemination of the data, and potentially have third parties halt processing of the data.
Our clients can request to have their account deleted and their data forgotten with just two mouse clicks. If we need to keep some of customer’s data for legal or tax purposes, we will remove as much client information as possible. We will close the client profile, terminate client services, clear client changes log, emails and tickets and remove ALL non-billing data.
The right to object – individuals will have to right to object at any time to processing of personal data concerning them.