On May 25, 2018, the General Data Protection Regulation (GDPR) came into force, impacting how businesses collect and process data from individuals. Waytek has always taken data privacy and security seriously and is fully committed to being compliant with GDPR legislation.
The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. While the GDPR legislation is specific to European customers, a continent that Waytek does not actively market or sell to, we believe that aligning our data protection policies and practices with GDPR is in the best interests of our customers.
There are 3 stakeholders in the relationship:
- The Data Subject: The person that is the subject of the personal data. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address
- The Data Controller: A controller is an entity that determines the purposes, conditions, and means of the processing of personal data
- The Data Processor: The processor is an entity which processes personal data on behalf of the controller
Waytek is a Data Controller as well as a Processor.
Now, the GDPR grants the following rights to the data subjects:
What is Waytek doing about it?
Definitions and Data Collected:
Data is hosted on data servers qualified by global IT standards and regulations. All of Waytek’s data is securely hosted on data servers in the USA. The server infrastructure is PCI 3.2.1 compliant.
Backup and logs
Waytek maintains a robust backup plan where data is stored in a secure location and multiple data backups are retained for a stipulated period and then removed from the system. All personal data is stored and transferred in compliance with applicable global regulations. Application and customer logs generated as part of services provided are maintained as per established retention limits. Post this period, data records are scheduled for auto-removal.
Waytek processes data necessary for the purchase and delivery of products in a fair and lawful manner. Personal data is processed in a manner that ensures security and confidentiality of personal data, including prevention of unauthorized access to or use of this data. User authentication and profile data are collected and processed within the HTTPS (Hyper Text Transfer Protocol Secure) Waytekwire.com secure web environment.
Waytek partners with organizations that like itself adhere to global standards and regulations. We will keep updating this policy with more information around data protection and GDPR. If you have any questions, drop us an email at firstname.lastname@example.org.
This policy was last updated May 25th 2018.