Jonathan van Driessen
- Total activity 140
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 3
Articles
Recent activity by Jonathan van Driessen-
What are the data retention policies for DESelect?
Note that we do not store actual customer data in our solution, DESelect. As for metadata, unless agreed otherwise, the following policy applies in case of termination of the customer contract for ...
-
Did you define your data retention rules?
We did do this for DESelect as a solution, but not yet for some of our internal applications. As a relatively new company, our data is fresh and relevant. Our data retention processes are yet to ...
-
Is DESelect GDPR Compliant?
Yes, DESelect is GDPR compliant.
-
Have you updated all of your policies to include and meet GDPR regulations?
Yes, our internal data privacy and security policies were last mass-reviewed in May 2020. Since then, we have also accommodated with regards to the EU decision to invalidate the Privacy Shield. All...
-
Have you appointed a Data Protection Officer?
Jonathan van Driessen (via the email address privacy@deselect.com) acts as our internal data privacy officer, and we're currently in the processing appointing an independent external DPO.
-
Do you perform third-party security audits / due diligence checks on the companies you collaborate with?
We currently don't have a need to do third-party audits. The one subprocessor we have (DigitalOcean) has certification reports proving it's secure to work with them.
-
Are you able to guarantee that the amount of personal data collected will be strictly limited to that which is necessary for the optimal use of any new product, service or application?
Yes, we have processes in place to guarantee this.
-
Do you know how personal data is stored, processed, shared and used within your organization?
Our Information Classification Policy can be found here: https://drive.google.com/file/d/1PrL0i7HuQiSZjZWbbWBXzRRAo68VMvxJ/view?usp=sharing Our Data Protection Policy can be found here: https://...
-
Have you performed a data processing audit, identifying all the elements requiring modification within your current data processing activities?
We keep an internal record of our current data processing activities, including different categories of data and how they need to be processed. This is continuously updated as needed.
-
Do you have an impact assessment process in place (one that will be applied and documented for each process that presents a risk)?
Based on the type of processing we do, an impact assessment is not required according to GDPR. This is re-evaluated on a quarterly basis.