
GDPR Compliance: an Overview

Security and Privacy at Gallup


Gallup is dedicated to providing clients with an exceptional experience when it comes to protecting
their data. We employ a team of dedicated security experts that implement, maintain and monitor
a robust set of security controls to protect our critical infrastructure including our survey and
reporting platforms. We train our associates with the latest security awareness information to keep
them informed and prepared as the first line of defense to keep data secure.

To prove our trustworthiness, Gallup annually undergoes ISO 27001 compliance reviews of its
information security management system to ensure that all protections are in place and functioning
as described. In addition, Gallup also undergoes annual SOC 2 audits to ensure its set of security
controls are effectively protecting client data.

Since Gallup is a global company, we are 100% committed to adhering to global laws and
regulations that seek to protect the rights of clients and individuals alike. Gallup currently complies
with both EU-U.S. Privacy Shield and EU Model Clauses and has done its due diligence to become
GDPR compliant.

General Data Protection Regulations (GDPR) and Gallup

The GDPR went into effect May 25, 2018. These protections provide a modernized and consistent
framework to privacy laws that protect individuals in EEA member countries. The major focus of
the GDPR revolves around greater protection and rights for individuals. Over the past 12+ months,
teams at Gallup have collectively been working to define what GDPR should look like for our EEA
clients and end users of our services. We have assigned Gallup associates with privacy-related
responsibilities, refined our processes, drafted documentation and ensured that as the deadline for
GDPR compliance approached, we were properly prepared to meet the responsibilities.

What Has Gallup Done to Meet GDPR Requirements?

The following is an overview of what Gallup has set in place to ensure privacy for clients and
individuals in EEA countries.
• Data Protection
Gallup protects its online survey and reporting platforms with industry-standard
encryption and storage. All of Gallup’s survey and reporting platforms and websites are
protected with HTTPS encryption and support TLS 1.1 and greater. Data at rest are also
encrypted using AES-256 grade encryption to ensure that data privacy and protection are
always retained.
• Individual Privacy
To ensure complete transparency for Gallup’s clients and individual users, Gallup has enhanced
its privacy and consent statements on its websites and surveys to keep its users better
informed about their rights. Gallup will provide individuals with information about the data we
collect, how we use it and their individual rights to access, rectification, erasure, portability
and restriction.

Copyright © 2018 Gallup, Inc. All rights reserved.

• Record of Processing Activities
Gallup has created and maintains detailed records of data processing activities for
each of its products and services that it offers to clients and individuals. In addition,
Gallup has also conducted third-party security and privacy assessments for all
vendors that provide services on Gallup’s behalf to clients in EEA countries to ensure
GDPR compliance.
• Upgraded Data Processor Agreements
Gallup will complete data processor agreements upon request for clients to ensure
compliance of contracting responsibilities. Members of Gallup’s legal team will review
and propose language to append to service agreements to meet GDPR requirements.
• Data Breach Notification Responsibilities
As part of Gallup’s commitment to privacy, Gallup will notify clients (data controllers)
whose data are affected within 24 hours of discovery of a data breach. Gallup will
also work directly with clients (data controllers) to conduct an investigation to provide
essential information necessary for the client (data controller) to create a report and
inform regulators and impacted individuals within the mandated 72-hour timeframe.

If you have privacy questions/concerns


If you have a question or concern, or need further assistance,
email privacy_administrator@gallup.com and a member
of Gallup’s team will review your request and respond accordingly.
