Opsenic’s GDPR Commitment

Updated: November 20, 2023

The EU General Data Protection Regulation (GDPR) has been a significant piece of the privacy landscape since 2018, and Opsenic is here to support you in meeting its requirements.

What is GDPR?

GDPR is setting the standard for how organizations collect, use, and protect EU citizens’ personal information. With the growing concern for data safety, this law is designed to foster public confidence in data privacy.

GDPR implications for your organization

Whether or not your organization is based in the EU, all businesses that control or process personal information of EU citizens must do so in accordance with GDPR requirements.

As an employer, this means that you are responsible for ensuring that the personal information of your EU citizen employees is processed in accordance with GDPR requirements.

Because of this, you are also responsible for ensuring that any workplace service providers that you use will process the personal information of your EU citizen employees in accordance with GDPR requirements.

Opsenic’s commitment of support towards your organization’s GDPR compliance

Opsenic is committed to supporting you in ensuring that your use of our workplace tool meets GDPR requirements.

Here are some of the measures that Opsenic has put in place to reflect that commitment:

  1. Opsenic’s contractual terms reflect GDPR requirements

    Opsenic has prepared a Data Processing Addendum that contains the GDPR contractual requirements. Where applicable, this Data Processing Addendum is incorporated into our Terms of Service. Our contractual commitments relevant to GDPR are that:

    • Opsenic will be transparent and never use your employees’ personal information other than as instructed by you,
    • Opsenic will maintain appropriate technical and organizational security measures to protect your employees’ personal information,
    • Opsenic will assist you with requests from your employees regarding their personal information that is processed using our services.
  2. Opsenic will continue to improve its security infrastructures

    Opsenic is committed to maintaining appropriate technical and organizational security measures to protect your employees’ personal information in line with GDPR requirements.Our commitments to maintaining our security measures are as follows:

    • Opsenic ensures that, to the extent possible, your employees’ personal information is pseudonymized,
    • Opsenic ensures that your employees’ personal information is encrypted, both in transit and at rest,
    • Opsenic has measures in place to ensure the ongoing confidentiality, integrity, availability, and resilience of Opsenic processing systems and services,
    • Opsenic can restore the availability and access to your employees’ personal information in a timely manner in the event of a physical or technical incident, and
    • Opsenic is putting in place a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures to ensure the security of your employees’ personal information.
  3. Opsenic complies with GDPR international data transfer mechanisms

    GDPR does not require personal information of EU citizens to be stored in the EU. GDPR does, however, require transfers of EU citizens’ personal information outside of the EU to comply with certain international data transfer standards. One of these standards is that prior to transferring an EU citizen’s personal information to a third country, the European Commission must have decided that the third country ensures an adequate level of protection. Opsenic is committed to ensuring that all transfers of your employees’ personal information are and will be in compliance with the required international data transfer standards. Opsenic is located in USA and is subject to USA privacy laws. This is great, because the European Commission has included USA in its list of countries recognized as providing adequate protection.

    As your data processor, Opsenic transfers your employees’ personal information to only one third-party subprocessor — data center provider (Google Cloud). Opsenic has Standard Contractual Clauses in place with each of its subprocessors with whom we work continuously to meet privacy and security standards and improve technical and organizational safeguards.

  4. Opsenic’s products are designed to help you meet your GDPR requirements

    Opsenic is committed to making every effort to build product features that help you meet your GDPR requirements. Opsenic ensures that you can meet the GDPR data portability requirements by providing, among others, features that permit you to export employees’ personal information.

Contacting Interactive Leadership Technologies Inc.

Please feel free to contact us if you have any questions about terms of use, privacy policy, GDPR, or other practices.