The General Data Protection Regulation 2016/679 (the "GDPR") is the law of the European Union and the European Economic Area regarding data protection and privacy. The GDPR was implemented on 25.05.2018 and allows EU citizens to better control their personal data while modernising and unifying the rules allowing businesses to reduce red tape and to benefit from greater consumer trust.
Find out more for the data protection and the approach of the European Commission, on their official website
How are we complying with GDPR?
The efforts of Boomerangme, Inc. to comply with the requirements of the GDPR started before its implementation in 2018 by appointing a Data Protection Officer ("DPO") who together with the security team of the company ensured that among other issues:
Internal policies and procedures are drafted, maintained and followed in all business operations
The online Terms & Conditions have been reviewed and amended
We have prepared a Data Processing Agreement to be concluded between you and us in the event you subscribe to our services. You can obtain a copy by submitting a request by email to firstname.lastname@example.org.
Additional online policies are made available for users and visitors
Our contractual relationships with our suppliers are assessed and additional documentation for privacy and data protection is concluded - the Data Processing Agreements/Addendums
Old suppliers have been scrutinised and some have been dropped just for security's sake
All members of the company go through a privacy and data protection training server security has been hardened even further
Back up procedures have been changed to minimize personal information storage for deleted systems