Last update: May 22, 2018
OnFrontiers has been preparing for the European Union’s (EU) General Data Protection Regulation (GDPR) since the beginning of 2018. We are strengthening processes and procedures to ensure we meet and exceed applicable obligations. OnFrontiers operates on a shared responsibility model with our clients and experts, and we are committed to help you to comply with GDPR, as well.
In support of GDPR compliance, we are enhancing our platform for increased transparency related to our:
- Legal Terms and Conditions
- How we collect, maintain, use and secure your data
- How you can access and control your data
As part of our effort to achieve GDPR compliance, OnFrontiers engaged in an assessment of the technical and organizational security measures we use to secure the Personal Data of our Clients and Experts. We are confident that the measures we employ are robust and appropriate. We have also identified further improvements which we look forward to implementing and updating you about in the future.
Additionally, we have:
- Reviewed and assessed the sufficiency of the technological and organizational tools and practices we employ to secure Personal Data
- Reviewed and updated data retention policies to ensure we do not maintain your data longer than necessary
- Reviewed and updated all sub-processor relationships to ensure our sub-processors observe data protection practices that are at least as protective as our own
- Reviewed and updated all internal policies and procedures to enhance Personal Data security
- Reviewed data mapping and data inventory practices, and updated where necessary, to ensure a clear understanding of the data entrusted to us
- Implemented training policies and procedures to ensure all OnFrontiers employees understand their confidentiality obligations and abide by OnFrontiers data protection policies
- Updated language used throughout our Platform, to ensure our Platform users understand our data practices and their rights with regard to their own data.
OnFrontiers only collects, uses, and retains data as necessary to provide you agreed services and to fulfill our legal obligations. As a user of OnFrontiers, whether as a Client or Expert, you have control over what data you share with us and for how long.
OnFrontiers has implemented many controls to promote confidentiality, accuracy, and availability of data. In particular:
- OnFrontiers has strong technical data protection controls, which include encryption in transit and encryption at rest of customer data to safeguard customer data from unintended access or misuse.
- OnFrontiers employs a continuous security testing strategy to aid in the proactive identification of software vulnerabilities.
- OnFrontiers maintains incident response and customer notification processes. These procedures are tested on a regular basis.
- OnFrontiers has reviewed all key subprocessors, eg., Amazon Web Services (AWS), Intercom and Mailchimp, etc.Please see the full list of subprocessors here: