"Even before the RGPD came into force, EasyVista was aware of the management of personal data, especially on behalf of its customers. Indeed, we have been audited every year since 2017 by an organization that validates our compliance with the requirements of the SSAE 18-SOC2 audit. It allows verification of the implementation of processes related to the security of our customers' information, including users' personal data. ». Says Easyvista.
It must be said that the European regulation of personal data in order to put new obligations yet on the protection of the data of European users. These new requirements have prompted several companies to revisit their policy of managing the personal information they are responsible for. This is exactly the case with Easyvista, at least as its management specifies. "So we started an RGPD project for the whole company. We looked at three perspectives for compliance, being both employer, customer and supplier. On each of these areas, the first challenge was to set priorities for developing action plans. In addition, With EasyVista operating in six European countries, and North America (Canada and the United States), we had to integrate an international dimension from the outset. In addition, there is no turnkey solution for compliance. The company notes.
This article will also interest you: The European Commission and free software
Indeed, it was clear that the company has been accompanied by specialists in the field from the beginning. Whether technical, technological and even legal. To this end, legal specialists in the field of RGPD can be observed in the company. Subsequently it was the recruitment of a security manager of training systems as required by the European regulations. Since April 2018, the group has been going to Europe and has been made up of several skills to ensure compliance with the standard. As a result, his team was able to observe
– An information systems security manager dedicated specifically to SaaS customer architectures;
– The Chief Financial Officer;
– A lawyer specializing in ICT law;
– A Data Governance Manager.
"Our first priorities have been marketing, existing customer contracts and the personal data of our employees. Regarding marketing, the personal data of prospects is collected via forms on our public website, or through registration for events (computer shows) in which EasyVista participates. We have made the necessary changes to bring our data collection media into compliance, i.e. to obtain the consent of visitors to our site, specify the purpose of the data processing and verify the shelf life. This compliance required joint work with group marketing, and led to a significant overhaul of our e-marketing methods. Easyvista says.
The group continues to persist in the fact that it is still deploying the necessary means to achieve the objective set by the need to protect personal data.
"We have also adapted and implemented our Personal Data Policy. So is privacy, which relates to data collected in sales and marketing. I am also thinking about the delivery of the software, the realization of the associated services and the administrative management. ».
Now access an unlimited number of passwords: