We’re committed to helping Avrio customers and users understand, and where applicable, comply with the General Data Protection Regulation (GDPR). The GDPR is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union and went into effect on May 25, 2018.
The GDPR’s updated requirements are significant and our team has built Avrio’s security, privacy, operations, and contractual commitments with GDPR in mind from day one.
Below are the key pillars that make up our commitment to you in fulfilling and in some cases exceeding the requirements of the GDPR to ensure the safety and privacy of your data.
We believe we don’t just have a responsibility to give our users and customers the tools they need to conduct and share research—we also have the responsibility to offer tools and methods to safeguard data so that trust between can be assured and maintained.
We use a third-party, top-tier datacenter that maintains several industry-recognised certifications, and we have processes and audits in place to systematically help ensure the safe and secure use of our service for everyone.
Read more about our security practices.
The GDPR requires organizations to use a recognized legal mechanism to transfer data from the EU to other countries that do not have a similar data protection framework.
We offer EU Model Contractual Clauses as a part our Data Processing Agreement (“DPA”) that can be signed directly through Docusign from our site helping ensure that you can safely transfer data to our services.
We maintain a list all of all our third party Data subprocessors and share information on what we use them for and where they are located. We always set the default region within the EU wherever possible helping ensure that you can safely transfer data to our services.
We also help you honor your customers’ ‘right to be forgotten’. You may request the deletion of personal data from Avrio by sending an email to firstname.lastname@example.org at any time.
Data exports are also available by sending an email to the same address.
Below are several other GDPR initiatives that have been implemented within Avrio:
If you have any further questions, please email us at email@example.com.