Find out how GPDR affects Textkernel and its customers, and what we do to ensure compliance.
What is GDPR?
The European Union (EU) General Data Protection Regulation (GDPR) is a set of regulations coming into effect on May 25, 2018 that enhance the data privacy rights of EU individuals and unify data privacy protections within the EU. The scope of the GDPR covers companies operating in the EU, as well as companies operating outside the EU who offer services to, or monitor the behaviour of, EU residents.
How does GDPR apply to Textkernel?
The GDPR sets out obligations on 1) Data Controllers, or those that determine the purpose and means of the processing of personal data of EU residents, and 2) Data Processors, or those that process personal data of EU residents on behalf of Data Controllers.
Textkernel is a Data Processor with respect to the personal data processed and/or collected in the following products: Extract! CV parser, Search! and Match!. Textkernel processes the personal data collected in these products on behalf of its customers, and those customers are either Data Processors as well or the Data Controllers of said data. As a Data Processor, Textkernel processes said data only on the instructions from its customers.
What is Textkernel doing to foster compliance with GDPR?
Textkernel is committed to GDPR compliance across our products to ensure our compliance. We have reviewed our systems, processes, policies and documentation and updated them where necessary.
What should customers of Textkernel do?
When Textkernel acts as a Data Processor on a customer’s behalf, our customers as Data Controllers are responsible for ensuring that their use of our services is in compliance with the GDPR. Please consider the following:
- The GDPR requires Data Controllers to have a contract with their Data Processors. The GDPR sets out what needs to be included in the contract (in general called a Data Processing Agreement);
- The GDPR requires Data Controllers to have a legal basis for processing personal data and requires them to provide information to people about how their personal data is processed;
- The GDPR requires Data Controllers to retain personal data no longer than necessary for the purpose it was obtained for. Depending on the usage of Textkernel’s services, customers may need to conduct data maintenance to be compliant with the GDPR.
Can we be of service?
Please don’t hesitate to contact us if you have any questions or comments. Our team is happy to help! firstname.lastname@example.org