The EU-GDPR entered into force on May 25, 2016. The goal is to give customers control over their personal data.
All EU-GDPR specifications must be implemented no later than May 25, 2018. Otherwise, a company faces fines of up to 20 million euros or up to 4% of its entire annual worldwide turnover, as well as severe reputational damage.
The EU-GDPR applies to all companies and organizations that collect, process, and store personal data. This includes client data, names, or email addresses. This means that companies must define rules, processes and measures in order to store and process these data in the right way.
With DRACOON, data can be easily used and stored in accordance with GDPR.
Client-side encryption plays a crucial role in compliance with GDPR. Companies must take appropriate technical and organizational measures to ensure a sufficient level of protection. These measures include, among others, the encryption of personal data.
Only when data is encrypted on the client is it ensured that the data is always encrypted. Client-side encryption also provides internal security: even administrators cannot look into the files.
Important cornerstones of GDPR are the fulfillment of integrity and transparency. Companies must be able to provide information on the handling of their personal data in an accurate, comprehensible and extensive manner – a piece of cake with the audit log of DRACOON.
The audit log provides GDPR-compliant information about processing purposes and categories, recipients or storage periods. In addition, the audit log can be used to detect changes in data.