GDPR Update

AP4 Project Managers GDPR Compliance Overview

The General Data Protection Regulation (“GDPR”) takes effect on May 25, 2018. In an attempt to harmonize and simplify data-protection laws, the regulation introduces new requirements regarding the processing of personal data of data subjects located in the EEA.

AP4 Project Managers (“Company”) is implementing GDPR compliance with the attention this matter deserves. The following is a general overview which details the Company’s compliance with GDPR.

Progress

We are implementing our company-wide GDPR compliance strategy leading up to May 25, 2018 and going forward and we are committed to helping our customers fulfill their requirements under GDPR, publishing an updated Privacy Policy that goes into effect on May 25, 2018.

Customer data processing

The Company processes customer personal data to provide our services and for other specified purposes described in our Privacy Policy and Terms of Service.

Where is the user data hosted

AP4 Project Managers tries to offer at all times a secure, fast and robust service to the clients. We currently store data in data centers provided by Amazon Web Services (AWS) located in Canada (see https://aws.amazon.com/security for information on their security practices). Employees and contractors may also have access to some data that it’s required for product development, customer and technical support purposes.

Will the customer data always stay in the same place

The service features require that data be transferred to Canada. Our employees and contractors may need access to data stored in the EU from a non-EU country (e.g., US or Australia) for technical and support related reasons.

In all cases where data is transferred outside of the E.U., AP4 Project Managers commits to ensuring such transfers are compliant with applicable data transfer laws, including GDPR.

Privacy

Data Processing

When the users sign up for AP4 Project Managers, we require the name, company name, and email address so that the account is tailored to the users and the Company may send the user invoices, updates, or other essential information. The Company only processes personal data to the extent necessary and in accordance with applicable privacy laws including the GDPR. In addition, Company does not lease, sell or distribute data. According to agreements with third-party providers, Company’s DPO actively monitors Third Party’s adherence to GDPR.

When the users send an email to AP4 Project Managers asking a question or pointing out an issue, the message and the email are stored, for future reference. When the user accesses the company marketing pages, the company will track that for statistical purposes (ex: conversion rates, AB Testing, Issue tracking).

In addition, Company has ensured all documents, including without limitations, agreements, privacy policies online terms, IOs are compliant with the GDPR.

Security and Encryption

All data is encrypted via SSL/TLS when transmitted from the company servers to the user’s browser.

Cookies

The Company website uses cookies to better the users experience while visiting the website.

Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Account and Data Removal

When the users request for their account to be deleted, The company will ensure that nothing regarding said account is stored on our servers past 30 days.
Anything the users delete on their account while it’s active will be immediately removed from our databases.

Transparency and Fairness to both Users and Regulators

The Company maintains accurate and accessible written records to the extent legally required to provide authorities and legally entitled users, all in a timely manner. In accordance with GDPR, data subjects may exercise the right to access, rectification, restrict processing, erasure, data portability, the right to complain to a supervisory authority and the right to not be subject to automated processing.

Incident Responsiveness

The Company has the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident. The Company will provide regulators and users with an immediacy of notification to the extent required under applicable law.

Changes to this Policy

AP4 Project Managers may update this privacy policy from time to time. We’ll notify you about any significant changes by emailing the account owner or by placing a prominent notice on our site.

If you have any additional questions about our privacy policy, please contact us via email: support@ap4projectmanagers.com