get started
This FAQ is not legal advice. Instead, it provides background information and examples to help you better understand the GDPR in the context of handling personal data in Howspace.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
 
When will the GDPR go live?
The GDPR becomes enforceable starting 25 May, 2018.

Do I need to comply?
You must comply with GDPR if you offer your goods or services to any EU residents.
 
What happens if I do not comply?

You may be fined for up to €20 million or 4% of your worldwide revenue, whichever is greater.

 


How has Humap Software prepared for the GDPR?

Humap Software has reviewed the processing of personal data in its operations and the impacts of such processing. Current systems are built by taking into account information security requirements and personal data is protected by appropriate technical and organizational measures.

Our Terms of Service and Privacy Policy documents have also been updated to include all the relevant information and definitions required by GDPR. 

Howspace has been built from the ground up with data protection and privacy as the default practice. This enables us to comply with the new rights of data subjects such as the Right to rectification, Right to access and Right to be forgotten.

Where are your servers located?

Our Howspace servers are located within the EU/EEA and we will not transfer or process personal data outside the EU/EEA area unless otherwise agreed with the customer.

 


What does GDPR mean for me as a Howspace customer and user?

For the most part, not much. We have made sure that all the information recorded and processed in Howspace is secure and stays within the EU/EEA area unless otherwise agreed. You just need to make sure that if you are collecting personal data ( 1 ) you have a valid reason to do so and ( 2 ) you are using it only for the purposes you said you would.

 

What is the one thing I should remember about GDPR?

The entire processing chain for personal data must be recorded and the justification and purposes for collecting personal data must be specified in a Privacy Policy document.
 

What constitutes personal data?

Any information relating to an identified or identifiable natural person (name, identifiable photo, phone number, address, email address, IP address)
 

Who is responsible for the Privacy Policy?

The data controller is responsible for the Privacy Policy.
 

How do I know who is the data controller in any given project?

Data controller is the party who, alone or jointly with others, determines the purposes and means of the processing of personal data. The parties processing personal data on behalf of the data controller are either data processors or data sub-processors.

Examples:

  • Consultant is hired by Company A to facilitate work with Company A’s employees, using the Howspace platform:
    • Data controller = Company A
    • Data processor = Consultant
    • Data sub-processor = Humap Software
  • Company A is a direct customer of Humap Software, and uses Howspace platform with its employees:
    • Data controller = Company A
    • Data processor = Humap Software

 


Read more:

Kimi-arima.jpg

GDPR for REAL customers

The impact of the GDPR on your work will depend on your role in collecting and processing information about the users of REAL.  

READ MORE

tuomas-koski.jpg

GDPR and the human factor

Humap Software has worked to ensure that all of the properties of REAL comply with the new regulation. GDPR is as an ethical guideline, protection for internet and REAL users. 

READ MORE

Didn't find answers to your questions from above?

Please submit your question to us and we will get back to you as soons as possible.