Idea Elan

GDPR Compliance

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law established by the European Union (EU) to safeguard the privacy and personal data of individuals within the EU. It came into effect on May 25, 2018, replacing the previous Data Protection Directive 95/46/EC. Below is an overview of its key aspects:

Purpose of GDPR

  • To harmonize data privacy laws across EU member states, creating a unified framework.
  • To provide individuals more control and transparency over how their personal data is collected, processed, and used.
  • To hold organizations accountable for their data protection practices, ensuring they take necessary measures to secure personal data.

Key Features of GDPR

  1. Scope:
    • Applies to organizations within the EU and those outside the EU that process the personal data of individuals in the EU.
    • Covers all types of personal data, including names, email addresses, IP addresses, biometric data, and more.
    •  
  2. Rights of Individuals:
    • Right to Access: Individuals can request access to their personal data.
    • Right to Rectification: Individuals can ask to correct inaccurate data.
    • Right to Erasure (Right to be Forgotten): Individuals can request deletion of their personal data under certain conditions.
    • Right to Data Portability: Individuals can obtain and reuse their personal data for their own purposes.
    • Right to Object: Individuals can object to processing for purposes like direct marketing.

Rights Related to Automated Decision-Making: Individuals can challenge decisions made solely by algorithms.

Is Idea Elan a Controller or a Processor?

  1. Role of the Processor:
    • A processor processes personal data on behalf of the controller.
    • Idea Elan processes data based on the instructions of the controller (the customer).
    •  
  2. Role of the Controller:
    • The controller determines the purposes and means of processing personal data.
    • As a customer of Idea Elan, you act as the controller, taking responsibility for the lawful collection and processing of personal data.
    •  
  3. GDPR Compliance:
    • Both controllers and processors have obligations under the GDPR.
    • Idea Elan, as a processor, must provide sufficient guarantees that it complies with GDPR requirements.
    • You, as the controller, must ensure that your processors (e.g., Idea Elan) comply with GDPR standards and that personal data is processed lawfully.

In summary, Idea Elan acts as a processor, while its customers operate as controllers, bearing responsibility for ensuring that processing activities comply with GDPR requirements.

How does Idea Elan process and use the data?

We are committed to be transparent in how we handle and process personal data by following the GDPR key principles:
  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data Minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability
Data Hosting Locations
  • The EU will be stored in EU data centers.
  • The UK will be stored in UK data centers.
  • Australia and New Zealand will be stored in Australia data centers.
  • The US will be stored in US data centers.
  • Canada will be stored on Canadian data centers.
  • The Middle East will be stored within the Middle East.
We only process personal data we actually need for providing our products and services, such as Email id, Name and if applicable the phone number. Based on a detailed risk assessment we have put in place based on data with appropriate measures that allow us to comply with the GDPR. <

Data subject rights?

As part of the GDPR, EU data subjects have the following rights:
    • Right to rectification: Users have the right to modify personal information at any time.
    • Right to be forgotten: Users may request for the permanent deletion of their personal data.
    • Right to portability: Users may request that their personal data be exported and sent to another organization or competitor.
    • Right to object: Users may object to specific types of processing or uses of their personal data.
    • Right of access: Users have the right to be informed of any and all of their personal data that has been collected, as well as its intended use.
Our platform offers self service features that our customers can use to review personal data stored. All requests from a data subject will be handled as soon as possible along with the respective customer.

GDPR Compliance

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law established by the European Union (EU) to safeguard the privacy and personal data of individuals within the EU. It came into effect on May 25, 2018, replacing the previous Data Protection Directive 95/46/EC. Below is an overview of its key aspects:

Purpose of GDPR

  • To harmonize data privacy laws across EU member states, creating a unified framework.
  • To provide individuals more control and transparency over how their personal data is collected, processed, and used.
  • To hold organizations accountable for their data protection practices, ensuring they take necessary measures to secure personal data.

Key Features of GDPR

  1. Scope:
    • Applies to organizations within the EU and those outside the EU that process the personal data of individuals in the EU.
    • Covers all types of personal data, including names, email addresses, IP addresses, biometric data, and more.
    •  
  2. Rights of Individuals:
    • Right to Access: Individuals can request access to their personal data.
    • Right to Rectification: Individuals can ask to correct inaccurate data.
    • Right to Erasure (Right to be Forgotten): Individuals can request deletion of their personal data under certain conditions.
    • Right to Data Portability: Individuals can obtain and reuse their personal data for their own purposes.
    • Right to Object: Individuals can object to processing for purposes like direct marketing.

Rights Related to Automated Decision-Making: Individuals can challenge decisions made solely by algorithms.

Is Idea Elan a Controller or a Processor?

  1. Role of the Processor:
    • A processor processes personal data on behalf of the controller.
    • Idea Elan processes data based on the instructions of the controller (the customer).
    •  
  2. Role of the Controller:
    • The controller determines the purposes and means of processing personal data.
    • As a customer of Idea Elan, you act as the controller, taking responsibility for the lawful collection and processing of personal data.
    •  
  3. GDPR Compliance:
    • Both controllers and processors have obligations under the GDPR.
    • Idea Elan, as a processor, must provide sufficient guarantees that it complies with GDPR requirements.
    • You, as the controller, must ensure that your processors (e.g., Idea Elan) comply with GDPR standards and that personal data is processed lawfully.

In summary, Idea Elan acts as a processor, while its customers operate as controllers, bearing responsibility for ensuring that processing activities comply with GDPR requirements.

How does Idea Elan process and use the data?

We are committed to be transparent in how we handle and process personal data by following the GDPR key principles:
  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data Minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability
Data Hosting Locations
  • The EU will be stored in EU data centers.
  • The UK will be stored in UK data centers.
  • Australia and New Zealand will be stored in Australia data centers.
  • The US will be stored in US data centers.
  • Canada will be stored on Canadian data centers.
  • The Middle East will be stored within the Middle East.
We only process personal data we actually need for providing our products and services, such as Email id, Name and if applicable the phone number. Based on a detailed risk assessment we have put in place based on data with appropriate measures that allow us to comply with the GDPR. <

Data subject rights?

As part of the GDPR, EU data subjects have the following rights:
    • Right to rectification: Users have the right to modify personal information at any time.
    • Right to be forgotten: Users may request for the permanent deletion of their personal data.
    • Right to portability: Users may request that their personal data be exported and sent to another organization or competitor.
    • Right to object: Users may object to specific types of processing or uses of their personal data.
    • Right of access: Users have the right to be informed of any and all of their personal data that has been collected, as well as its intended use.
Our platform offers self service features that our customers can use to review personal data stored. All requests from a data subject will be handled as soon as possible along with the respective customer.