CentreStack is GDPR Ready
CentreStack GDPR readiness includes partner portal that interact directly with our customer, the CentreStack product and service and also internal ongoing employee training.
Clear and Explicit Consent of Personal Data
In the CentreStack partner portal, where personal data is required, there is clear explanation of why the information is required, how it is going to be used and when and how it can be erased upon request (Right to be forgotten).
Security of Personal Data
CentreStack infrastructure is on AWS (Amazon Web Service) and it leverages AWS GDPR readiness such as taking advantage of CloudTrail and GuardDuty services for data security and privacy protection. In addition to the AWS GDPR readiness, CentreStack portal also went through internal audit for GDPR compliance.
CentreStack product includes data-in-transit data protection by leveraging HTTPS and also data-at-rest data protection in AES 256. CentreStack also includes other data protection features that help customers better on data protection.
In the CentreStack product, a new compliance feature was added to assist setting up CentreStack with the best practices of data security and better protect personal privacy. It added features such as consent forms, check for HTTPS flag, check for data-at-rest encryption and check for other data security and protection related settings.
There is ongoing data security and privacy training for CentreStack employees and monthly check points about data security and privacy practice review.