Supporting your compliance needs
At VPass, we are committed to continually develop features that meet global standards and compliance strategies that assists you and helps make VPass a greater product. We understand the importance of compliance and the effects it has on your business and are involved in meeting different standards in countries all around the world.
UK & EU General Data Protection Regulation (GDPR)
The UK & EU General Data Protection Regulation (GDPR) is a set of new regulations designed to harmonise data privacy laws across the UK and Europe and strengthen privacy regulations for citizens of the UK and European Union. In addition to all organisations within the UK and EU, the GDPR also applies to organisations in other countries who offer goods or services to UK and EU citizens.
How has VPass prepared for the GDPR?
We are committed to ensuring GDPR compliance and have implemented the following measures:
- Identifying the Personally Identifiable Information (PII)/Personal Data that is being collected and making sure that it is handled in accordance with GDPR standards
- Providing our users with appropriate control mechanisms over visitor and personal data
- Reviewing our security and privacy processes currently in place in order to enhance them as needed, and providing the necessary documentation as per the GDPR requirements
- Working with our partners to ensure GDPR compliance during data exchange
- Training the responsible VPass employees in terms of GDPR regulations and procedures
Is VPass GDPR compliant?
Yes. In terms of a VPass customer’s management of visitor data, the following measures have been put in place:
- Visitor data in the UK & EU VPass accounts is purged after 3 months
- Visitor data elsewhere is purged after 12 months
- A VPass account holder can delete data (between a date range) from their account as deemed necessary
Is my service going to change?
No, nothing changes in the scope of provided services.
Will I be able to use VPass in all regions around the world?
Yes, VPass will ensure you can continue running GDPR-compliant services around the world.
What do you use personal data for?
In terms of the VPass to customer relationship, we only use personal data as needed to run the service. This may have been provided to us via web site contact forms, email correspondence, online chat etc. We value your privacy and we’ll do everything we can to protect it. This data is only held for a period of 9 months.
How long is the data retained?
Personal Data: This is retained for the duration of your service and after that for up to 9 months in backup systems that automatically purge the data.
Visitor Data: When a visitor signs in on the VPass App, this data is only held in the UK and EU for a period of 3 months. Elsewhere, data is retained for 12 months.
Are you processing data outside of EU?
ITWT P/L is an Australian company operating our services globally in more than 15 regions. Your data primarily stays in regions where you decide where your data will reside. Logs of search queries and operations can be processed outside of the EU but always stay in a system respecting privacy and security, ensured by VPass.