Passed in 2016, the new
General Data Protection Regulation (GDPR) is the most significant legislative change in European data protection
laws since the EU Data Protection Directive (
Directive 95/46/EC), introduced in 1995. The GDPR, which becomes enforceable on May 25, 2018, seeks to strengthen
the security and protection of personal data in the EU and serve as a single piece of legislation for all of the
EU. It will replace the EU Data Protection Directive and all the local laws relating to it.
We support the GDPR and will ensure the Stamplay platform comply with its provisions by May 25, 2018. Not only is the GDPR an important step in protecting the fundamental right of privacy for European citizens, it also raises the bar for data protection, security and compliance in the industry.
Stamplay is committed to helping our customers succeed under the GDPR, whether they are large companies or independent individuals.
The GDPR imposes obligations on data controllers and data processors. Stamplay customers typically act as the "data controller" for any personal data about their end-users they provide to Stamplay in connection with their use of Stamplay, and Stamplay is, generally, a "data processor".
This means that data is under the customer's control. Controllers are responsible for obligations like fulfilling an individual's rights with respect to their personal data. If you're a customer, and would like to understand your responsibilities as a data controller, you should familiarize yourself with the provisions of the GDPR, and check on your compliance plans.
All data are encrypted in transit and at rest. They can be encrypted at application level for additional security, but such an encryption has to be handled by you. Therefore, we don't (and will not) "manage" personal data, which means that if you store personal information data in your Objects or Flow - you are the Data Controller of it.
You can find the Data Processing Agreement here.