GDPR, or the General Data Protection Regulation, is a new framework of rules and compliance obligations governing how businesses can collect, use, and share date from consumers within the EU. Even if a business is not based within the EU, they must follow the new rules if any of their customers are EU citizens. The GDPR is designed to empower consumers and their privacy by requiring companies to explain how and what data is being used by the organization. Additionally, the framework assures a level of security and privacy by requiring companies to appropriately safeguard protected data.
How is ReCharge Affected?
What is ReCharge Doing to Prepare for the GDPR?
ReCharge has been hard at work to ensure full GDPR compliance by the May 25, 2018 deadline. Activities ReCharge has undertaken include:
- Engaging external GDPR experts to ensure the regulation is being followed to its full extent
- Re-working ReCharge’s Terms of Service and Privacy policies to include new language referencing GDPR
- Reviewing contractual agreements with vendors and processors with which ReCharge does business to assess their compliance
- Beginning GDPR-focused training to ReCharge staff who work with protected data on a day-to-day basis
- Creating and documenting new procedures to ensure ReCharge’s current workflow satisfies the new regulations
- Developing a Data Protection Impact Assessment process to evaluate and mitigate security and privacy risks as they evolve
- Evaluating ReCharge’s current state as it relates to the data it processes on behalf of its merchants