Appnext & the GDPR

The GDPR

On May 25th, 2018, the new EU data protection regulatory framework – the General Data Protection Regulation (“GDPR”) – will come into effect.

Appnext takes considerable efforts to ensure that its privacy practices comply with data protection laws and the industry’s best practices.

Accordingly, Appnext has put this document together in preparation for the GDPR, and as part of its ongoing efforts to maintain the trust of its existing and potential partners’ in its data protection practices.

This document provides a general overview of the steps taken by Appnext to meet its regulatory requirements under the GDPR.

Please note that the below is provided for guidance and educational purposes only. The responsibilities and liabilities of Appnext to its partners and customers are controlled by Appnext agreements.

What is Appnext Doing?

Appnext is taking diligent steps to ensure that its data protection practices are aligned with industry best practices, as well as the requirements of the GDPR, such as:

  • Recognizing the crucial importance of data governance, we take great measures to ensure that data protection is managed as a corporate issue. We have also designated a Data Protection Officer to hold responsibility for data protection compliance.
  • We are putting effective policies and procedures in place to ensure that our data processing activities are adequately documented.
  • We are carrying out a comprehensive review of our privacy notices and putting a plan in place for making necessary changes in time for GDPR implementation.
  • We review our procedures to ensure that they cover all the rights of individuals (i.e. right of access, right to erasure and right to object), within the new timescales.
  • We review and affirm the lawful basis for our data processing activities under the GDPR.
  • We are carrying out an extensive review of our contracts and the other arrangements we have in place when sharing data with our partners, vendors and clients. In addition, we have put an internal partner vetting procedure in place to ensure that adequate safeguard protection is adopted prior to the sharing of personal data.
  • We are carrying out a comprehensive review of our information security practices, adopting various technical, organizational and physical measures to ensure that personal data is adequately safeguarded.
  • We make sure that we have adequate procedures in place to detect, report, investigate and contain a personal data breach, as well as to notify the data protection supervisory authority and data subjects, as required.
  • We have initiated various steps to ensure that decision makers and key personnel at Appnext are aware of the new changes under the GDPR, and are actively working towards raising its awareness.
  • Appnext is taking steps to certify with the European Interactive Digital Advertising Alliance (EDAA), the leading cross-industry self-regulatory initiative for enhancing transparency and user control over online behavioral advertising.

 

For any inquiry about GDPR please contact support or email: data-privacy@appnext.com