THE GENERAL DATA PROTECTION REGULATION (GDPR)

GDPR stands for the General Data Protection Regulation. The GDPR is the new European Union ("EU") law that regulates the personal data of individuals in the EU. It will replace the EU Data Protection Directive, the EU's current privacy law, which has been in place since 1995. The GDPR harmonises data protection law across Europe and introduces sweeping changes that require companies to make significant updates to their privacy and security policies and practices.

ACADLY INC is committed to helping our Acadly users comply with GDPR.

WHEN WILL THE GDPR BECOME ENFORCEABLE?

The GDPR will become enforceable on May 25, 2018. At that time, companies are legally required to comply with the GDPR.

WHAT WE DID FOR GDPR?

To comply with the European Commission's replacement law for the Data Protection Directive 95/46/EC, the General Data Protection Regulation ("GDPR"), by the enforcement date (25 May 2018), ACADLY INC Designs has:

• Educated the organisation about GDPR and its requirements
• Conducted a GDPR gap analysis and plugged the gaps (if any)
• Documented the personal data ACADLY INC holds, where it came from, and who ACADLY INC may share it with
• Reviewed the existing privacy notices and made the necessary changes in time for GDPR implementation
• Ensured existing procedures covered all the rights individuals have under GDPR, including deleting personal data
• Identified our lawful basis for processing personal data, documenting it, and updating our privacy notice to explain it to individuals
• Reviewed how we obtain, record, and manage consent; and placed better systems in process
• Reviewed and updated contracts with third parties to ensure our privacy obligations are up to date
• Ensured the right procedures are in place to detect, report, and investigate a personal data breach
• Created processes for Data Protection Impact Assessments
• Appointed a Data Protection Officer

WERE THERE ANY MAJOR CHANGES TO ACADLY INC'S PRACTICES AS PART OF COMPLIANCE WITH GDPR?

We have always taken the privacy of Acadly users seriously. Since inception, we have practised undertaking internal privacy assessments of our products and of adopting a "privacy by design" approach to product development. We directed our GDPR compliance efforts on this principle, including by defining procedures to cover all rights individuals have under GDPR.

CONTACT

Please contact us at contact@acadly.com for more information.