Werecoin GDPR management
GDPR (General Data Protection Regulation) is the updated Privacy Laws passed by the European Union and enforceable as of May 25, 2018, which upholds the belief that data protection is a fundamental human right and outlines specific requirements for the protection of these rights by companies and organizations.The EU maintains that this regulation applies not only to companies in the EU, but to any company that is processing or handling personal data for EU citizens.
Data protection and privacy is our constant concern for Werenode services management. With our embedded technology, Werenode’s vision is to enable individuals to have full control over their online data. The GDPR aligns with our mission to protect these rights and creates more awareness for individuals and companies to come to this same conclusion.
What is Personal Data?
Personal data is any data that can be used to identify an individual. Examples of personal data includes identifiers such as name, location, profile photos, email addresses, and many more.
Data Subject Rights
The following is a list of data protection rights included in GDPR that are supported within our product.
Right to be informed – You have the right to know how your data is being processed.
Right of Access – Your have the right to access and request copies of your data that’s being collected.
Right of Rectification – You have the right to modify or update your personal data if incorrect data is being used.
Right to Erasure – You have the right to delete any personal data that has been collected.
Right to Restriction – You have the right to prevent a company from processing certain types of personal data.
Right to Data Portability – You have the right to access your personal data and transfer it between controllers.
Right to Object – You have the right to withdraw consent to the processing of your data for public interest, marketing or research.
Right to Reject Automated Decisions – You have the right to object to your data being processed by automatic systems.
Below is a list of steps we are taking to ensure that our company is GDPR compliant:
Third party processor audit – We are continuously reviewing all of our third party data processor that interact with our user’s data to ensure they are compliant.
Multiple team trainings – Every individual on our team has received multiple trainings on data protection and understand the requirements needed.
Internal security audit – We have undergone multiple security audits to fully secure our users’ data.
Data mapping – We have documented and understand how data is processed by our platform starting from initial submission of any type of data.
Official data breach process – We have an official process to communicate any potential breaches in data that may occur with our users’ data.
Internal data protection team – We have setup a cross-departmental team to ensure data protection across the company.
Channel for data requests – We have setup firstname.lastname@example.org as a channel to directly contact our data protection team
Data Protection Tools
Werenode provides a number of tools that allow you to own and control your data:
Data management — Complete insight into which data is being shared and processed, keep your information up-to-date.
Data encryption and decentralized storage — Data is protected and stored securely.
Data access — Full control over which applications can access your data.
Data deletion — Once you delete data, it is completely removed from our servers.
GDPR Compliance Roadmap
Below are the steps we have taken to ensure your data is protected and that our product and company are GDPR compliant:
Reviewed how Werenode handles data and mapped our various data flows. This allowed us to recognize any modifications that needed to be updated.
Educated the entire Werenode team about GDPR and provided guidance to various teams on how to ensure compliance across departments.
Underwent a security audit to ensure the integrity of users’ data. Created protocols to maintain and ensure compliance in the future.