Version 17 May 2018
How GDPR affects McLEAR
The General Data Protection Regulation (GDPR) requires McLEAR to make the following changes to its platform and internal privacy program:
- It required McLEAR to introduce a Data Privacy team that will document and keep records of certain privacy-related decisions made by us, so that we are accountable for our privacy practices.
- It requires McLEAR to make sure that we and our partners are able to honour the rights of our European customers over their personal data.
- It requires McLEAR to obtain certain contractual commitments from our partners and requires us to make certain commitments to our customers when they use our services.
What McLEAR does to comply with GDPR
In order to comply with GDPR, we have implemented the following:
- We appointed a Data Protection Officer to oversee our data protection program and GDPR implementation.
- We implemented a Data Protection Impact Assessment process.
- We have reviewed our contractual arrangements with sub-processors, to make sure that they also protect personal data through robust technical and organizational measures.
- We have registered with the UK’s Supervisory Authority, the Information Commissioner’s Office.
- We deliver GDPR-focused training to key teams and personnel, so that they are aware of the law’s requirements and can design our products and business plans with privacy in mind.
- We implemented a detailed procedure to deal with data subject access requests, deletion requests, and government access requests.
- We documented the sub-processors that we use to deliver our platform and other services.
What else has McLEAR done for the GDPR?
McLEAR performed the following projects in preparation for the GDPR:
- We are created informational materials about our data protection program for customers who are looking to conduct due diligence and make sure that McLEAR can support their data protection needs.
- We prepared a detailed register of our data processing activities, as required by Article 30 of the GDPR.
- We worked with our app developers to ensure that they provide clients with detailed information about their data collection and usage practices.
- We updated our Privacy Policies to include the disclosures required by the GDPR.
Will McLEAR enter into Data Processing Agreements with its customers?
For customers who use McLEAR’s services, we have already revised our Terms of Service to incorporate a Data Processing Addendum. Please contact our Data Protection Department for more details on firstname.lastname@example.org .