GDPR

Compliance Statement

In May 2018, the EU General Data Protection Regulation (GDPR) replaced the existing 1995 EU Data Protection Directive (European Directive 95/46/EC). Nuvola currently complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services. Nuvola has a dedicated internal team overseeing Nuvola’s GDPR ongoing compliance efforts, which include:

ASSESSMENT

Nuvola has reviewed where and how our relevant services collect, use, store and dispose of personal data and has updated policies, standards, governance and documentation where needed. Nuvola is dedicated to keeping such due diligence current and carrying out re-assessments periodically and/or as required by changed circumstances. The findings are communicated to our teams, who are charged with working out the solutions to the identified problems.

APPLICATION DESIGN

Our application teams have embraced the concept of privacy by design and have provided users with more control over the data they store in our systems. These provisions may vary based on a product’s characteristics and domain. Nuvola constantly endeavors to provide users with more enhancements, which shall be rolled out in phases. We have cleaned up our databases to ensure that we have only the latest and most accurate information, and dispose of data when our customer cancels our service.

CONTRACTUAL COMMITMENTS

Working in conjunction with our partners and customers, Nuvola is reviewing our contractual commitments and updating as needed to directly address GDPR requirements. Nuvola has also reviewed its existing supplier contracts to ensure GDPR compliance throughout its supply chain and will continue to conduct due diligence as new suppliers are onboarded.

EMPLOYEE TRAINING AND AWARENESS

All Nuvola employees must complete data privacy and security training. Nuvola has supplemented existing training modules with GDPR-specific content. In addition to these training requirements, Nuvola conducts ongoing awareness initiatives on a variety of topics, including data protection, security and privacy.

PRIVACY POLICY

We have revised our Privacy Policy to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, to whom the information is disclosed and what safeguarding measures are in place to protect their information.

Nuvola Partners and Customers

Compliance with the GDPR requires a partnership between Nuvola and our partners and customers in their use of applicable Nuvola services. In this context, Nuvola generally will act as a data processor and our partners and customers generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to assist our partners and customers meet their GDPR obligations. In the meantime, Nuvola encourages partners and customers to independently familiarize themselves with the GDPR.

GDPR Data Map

GDPR Data Map Nuvola

Trusted by