GDPR

The General Data Protection Regulation (“GDPR”), which is in effect as of May 25, 2018, is an iteration of the existing data protection law defined and enforced by the European Union. 

Vitalerter LTD (“Company” or “we”) is committed to ensuring that its services comply with the GDPR, and that its client can continue to use its services. Company has for months designated an internal team, which are accompanied by the Company’s legal consultants and other professional and expert consultants, for the sole purpose of ensuring all required actions are taken in order to achieve GDPR compliance. 

Please see below a general overview which details the Company’s compliance with GDPR for additional information please contact us at  privacy@vitalerter.com

Data Processing
Company only processes personal data to the extent necessary and in accordance with applicable privacy laws including the GDPR. Company has ensured that there is an applicable lawful basis for any and all processing of EEA data subjects Personal Data and has entered into applicable Data Processing Agreements with its vendors. Company only processes personal data to the extent necessary and in accordance with applicable privacy laws including the GDPR. In addition, Company has ensured all legal documents, including without limitations, agreements and privacy policy are compliant with the GDPR.

Technological Organizational and Security Standards
The Company has completed an in-depth audit data mapping out all of the Personal Data and data sets which it processes, as well as the technical and organizational security measures used in order to safeguard and protect such data. For additional information, please see  Vitalerter’s privacy policy. 

Education
Company has ongoing training for its personnel and employees with regards to the GDPR, Company’s data practices and the importance of data security.

Transparency to Regulators
Company maintains accurate and accessible written records to the extent legally required to provide supervisory authorities, all in a timely manner, as required under applicable laws including the GDPR. 

User Rights
In accordance with GDPR, data subjects may exercise the following rights:
• Request to access Personal Data.
• Request the rectification of Personal Data.
• Request the erasure of Personal Data.
• Request to restrict processing of Personal Data.
• Object to processing of Personal Data.
• Request to exercise right of data portability.
• Right to file a complaint to a supervisory authority.
• Right to withdraw consent (to the extent applicable).
In order to exercise any of the above rights please fill this form .

Incident Responsiveness
Company has implemented a process, in the event of a data breach and will provide the data controllers, the regulators and the end users with an immediacy of notification to the extent required under applicable law.

Legal Documentation
Our Legal team is busy ensuring our legal documentation is updated to reflect any changes and to include the mandatory Processor provisions required by Article 28 of the GDPR.