What is GDPR?
The European Union
General Data Protection Regulation (GDPR) is the primary law regulating how companies protect EU citizen’s personal data. The regulation that took effect on May 25th, 2018 gives individuals broad rights to their data, and creates strong safeguards for the processing of any data. Any company that processes or stores customer data in the EU must be ready for GDPR by its effective date.
Will Shriman Technologies be compliant with GDPR?
Shriman Technologiesis committed to ongoing GDPR compliance. Shriman Technologies will execute a Data Processing Agreement (DPA) with customers, which pertains to how Shriman Technologies uses and protects Personal Data acting in the Processor Role. For more information, please
Contact Us.
How has Shriman Technologies prepared for GDPR?
Shriman Technologies is committed to protecting customer data and privacy, and we take our obligations regarding data compliance seriously and transparently. We have a GDPR core team comprised of senior members of our Legal, Security, and Product teams, dedicated to monitoring Shriman Technologies’s ongoing compliance. We have also updated our Privacy Policy to conform with the new requirements under the GDPR, and have self-certified with the EU-US and Swiss-US Privacy Shield Program.
Shriman Technologies’s ongoing commitment to data protection is evidenced in a variety of ways:
• Shriman Technologies only uses trusted, certified US datacenters, and does not participate in offshore data activities. Both AWS and Azure carry with them certifications, including ISO 27001 and SOC.
• Shriman Technologies enters into EU-approved Standard Contractual Clauses with customers to ensure adequate protections for the privacy of EU data subjects and compliance with the regulation.
• Shriman Technologies has self-certified with the EU-US and Swiss-US Privacy Shield and is pending formal confirmation to be listed on the Shield’s program.
• Shriman Technologies is currently in the process of obtaining a SOC-2, Type II report.
All data in transit and at rest is encrypted.
Maintenance Outages.
We will provide Customer with notification via e-mail for each planned Maintenance Outage outside of the normal maintenance hours at least one (1) business day in advance.
Customer acknowledges that Service Outages and emergency circumstances may require Maintenance Outages under conditions where such notice is not practicable.
What is considered “personally identifiable information” (PII)?
Personal Data is any information relating to an identified or identifiable natural person (aka “data subject”). An identifiable data subject is someone who can be identified, directly or indirectly, such as by reference to an identifier like a name, an ID number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
What customer PII data is collected?
Shriman Technologies requires the following categories of data in order to deliver the services provided on the Shriman Technologies platform:
1.First and last name
2.Email address
3.Phone number
Where will customer PII data be stored?
Customer Personal Data is stored in ISO 27001 certified data centers. This complies with GDPR, as the regulation governs the protection of customer data and does not require EU data residency.
How do you provide for the adequate transfer of data outside of the EU?
The EU provides for approved mechanisms for transferring data outside of the EU, one of which is the Standard Contractual Clauses between data controllers (you) and processors (Shriman Technologies). Shriman Technologies’s Data Processing Agreement contains the Standard Contractual Clauses stipulating how we use and protect Personal Data when acting in the Processor role. This is a key requirement for compliance with GDPR. For more information, please
Contact Us.