In May 2018, the EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).
Bolstra currently complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services. Bolstra has a dedicated internal team made up of cross-functional stakeholders overseeing Bolstra’s GDPR readiness. Bolstra’s ongoing compliance efforts include:
As an ongoing process, Bolstra reviews where and how our relevant services collect, use, store and dispose of personal data and updating policies, standards, governance and documentation as needed.
Working in conjunction with our partners and customers, Bolstra is reviewing our contractual commitments and updating as needed to directly address GDPR requirements. Bolstra is also reviewing its supplier contracts to ensure GDPR compliance throughout its supply chain.
CROSS-BORDER DATA TRANSFER
In addition to ensuring Bolstra’s contractual commitments meet the requirements to legally transfer data from the EU to the rest of the world under applicable law, Bolstra is certified under the EU-US Privacy Shield Framework.
EMPLOYEE TRAINING AND AWARENESS
All Bolstra employees operate under a company policy that stresses the importance, and proper handling of any private data.
BOLSTRA PARTNERS AND CUSTOMERS
Compliance with the GDPR requires a partnership between Bolstra and our partners and customers in their use of applicable Bolstra services. In this context, Bolstra generally will act as a data processor and our partners and customers generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to assist our partners and customers meet their GDPR obligations. In the meantime, Bolstra encourages partners and customers to independently familiarize themselves with the GDPR.