The EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).
It is our policy to keep data both private and safe. We do this in several ways, including:
- Sensitive data is encoded whilst on and before it leaves your computer.
- Data is also (optionally) further encrypted with AES-256 encryption locally and/or with us.
- Passwords are stored with us as one-way salted hashes.
- SSL technology is used to ensure data is private during communication.
- Regular backups are made in-case we ever need to recover data.
- Personal data can be exported in a machine-readable format.
We are registered with the Information Commissioner's Office in the UK (ID: ZA329948). A full copy of our data protection certificate and statement is available via their website.
In addition, we may need to contact you regarding setup, security and invoicing.
Under the GDPR, those collecting or processing data at 'large scale', collecting or processing certain types of sensitive data, or who are a 'public authority or body' may need to designate a Data Protection Office (DPO) and/or an EU representative.
Within the program, administrators will also see a GDPR option in the Administrator menu that shows who accepted the policy and when.