GDPR COMMITMENT

Last update: May 22, 2018

OnFrontiers has been preparing for the European Union’s (EU) General Data Protection Regulation (GDPR) since the beginning of 2018. We are strengthening processes and procedures to ensure we meet and exceed applicable obligations. OnFrontiers operates on a shared responsibility model with our clients and experts, and we are committed to help you to comply with GDPR, as well.

In support of GDPR compliance, we are enhancing our platform for increased transparency related to our:

  • Privacy Policy
  • Legal Terms and Conditions
  • Cookie Policy
  • How we collect, maintain, use and secure your data
  • How you can access and control your data

Actions

As part of our effort to achieve GDPR compliance, OnFrontiers engaged in an assessment of the technical and organizational security measures we use to secure the Personal Data of our Clients and Experts. We are confident that the measures we employ are robust and appropriate. We have also identified further improvements which we look forward to implementing and updating you about in the future.

Additionally, we have:

  • Reviewed and assessed the sufficiency of the technological and organizational tools and practices we employ to secure Personal Data
  • Reviewed and updated data retention policies to ensure we do not maintain your data longer than necessary
  • Reviewed and updated all sub-processor relationships to ensure our sub-processors observe data protection practices that are at least as protective as our own
  • Reviewed and updated all internal policies and procedures to enhance Personal Data security
  • Reviewed data mapping and data inventory practices, and updated where necessary, to ensure a clear understanding of the data entrusted to us
  • Implemented training policies and procedures to ensure all OnFrontiers employees understand their confidentiality obligations and abide by OnFrontiers data protection policies
  • Updated language used throughout our Platform, to ensure our Platform users understand our data practices and their rights with regard to their own data.

Transparency

GDPR requires clear privacy policies that explicitly state what data is being collected and how it is used, stored, and shared. OnFrontiers has updated our privacy policy to ensure it is accurate and easy to understand. The policy also seeks to ensure that individuals understand how to access and exercise control over Personal Data which they may choose to share with us.  

Minimization

OnFrontiers only collects, uses, and retains data as necessary to provide you agreed services and to fulfill our legal obligations. As a user of OnFrontiers, whether as a Client or Expert, you have control over what data you share with us and for how long.

Security

OnFrontiers has implemented many controls to promote confidentiality, accuracy, and availability of data. In particular:  

  • OnFrontiers has strong technical data protection controls, which include encryption in transit and encryption at rest of customer data to safeguard customer data from unintended access or misuse.
  • OnFrontiers employs a continuous security testing strategy to aid in the proactive identification of software vulnerabilities.
  • OnFrontiers maintains incident response and customer notification processes. These procedures are tested on a regular basis.
  • OnFrontiers has reviewed all key subprocessors, eg., Amazon Web Services (AWS), Intercom and Mailchimp, etc.Please see the full list of subprocessors here:https://onfrontiers.com/legal/sub-processors-of-onfrontiers/ ‎