Now, we announce that our GDPR Matraex – Data Processing Addendum.pdf template is available to our clients and customers. This means all of our US based clients that work with Personal Information of European Economic Area (EEA) citizens, can fill out the agreement and submit it to Matraex and keep our Service Agreements compliant with the GDPR.
The DPA also includes EU Model Clauses, which were approved by the European Union (EU) data protection authorities, known as the Article 29 Working Party. This means that Matraex customers wishing to transfer personal data from the EEA to other countries can do so with the knowledge that when Matraex processes the subject personal data it will be given the same high level of protection it receives in the EEA.
- This announcement is important to our previous customers, we are able to provide followup work on their existing software which interacts with EEA personal data.
- This announcement is VERY important to our existing customers, it provides assurances that Matraex can continue working with their applications and services which process EEA personal data.
Each Matraex customer using processing EEA personal data will need to have a data processing agreement to comply with GDPR. Previous, existing and new customers are asked to download and read the agreement and fill out the requested information. While the entire agreement is important to read and understand, certain areas require input:
- Enter your company information on Page 2
- Have a company authority execute the agreement on Page 5
- Enter the Member State your business is established in on Pages 10 and 11
- Enter the “Categories of Data” which will processed on Page 12
Please contact us directly to assist in filling out the information, when ready, email it to email@example.com so we may review it, and counter sign it.
I am sure you have read them all and you understand that the EEA’s GDPR goes into effect today – May 25, 2018.
- Our policy is easy to read with a Summary at the top and the Full policy beneath
- Our policy is a single document rather than a maze of links
- Our policy applies to all personal data
Matraex is also Very Different than most of the companies you have seen emails from.
- Matraex builds the software for the companies subject to GDPR
- Matraex maintains and enhances the software for companies subject to GDPR
- Matraex is subject to GDPR as a Data Importer and Data Processor on behalf of our clients, (others are Data Controllers and Data Processors)
As a third party Data Importer and Data Processor GDPR requires that our policies must also govern our data responsibility between our parties by entering into a Data Protection Addendum (request an addendum here)
In the process of putting GDPR together the EEA has defined quite a bit of vocabulary to help define responsibility in handling Personal Information Data – check out this glossary of GDPR terms to help define some of the terms I used above
To discuss any privacy, GDPR or custom services please contact us.
The list of websites that have been hacked is growing, and it is VERY likely that every one of us has been affected.
Hackers have always compiled, sold and distributed a list of breached accounts, but in December 2017 researchers saw an unprecedented list show up on the Dark Web.
A hacker assembled 1.4 billion compromised email address and credentials into a very organized list. The hackers provided tools to quickly search, sort and add to the list.
The compromised accounts were from many recent hacks including LinkedIn, Equifax and Uber. To see an updated list of hacks, refer to the Wikipedia article. https://en.wikipedia.org/wiki/List_of_data_breaches
The 42 GB list is currently shared on many Peer to Peer networks and it can be found by anyone that truly wants to.
If you are a business with multiple domains and you need assistance researching how they were affected, contact Michael Blood at 208.344.1115 x 250