Since the General Data Protection Regulation (GDPR) came into effect in 2018, DCS has publicly endorsed this milestone in data protection law, emphasizing a longstanding commitment to data security. DCS has revised its data protection policies to align fully with GDPR, ensuring compliance and reinforcing user trust.
An Overview of GDPR: Why It Matters
The GDPR, adopted by the European Parliament in 2016, aims to protect individuals from data breaches and promote privacy. It mandates that companies collecting personal data do so with restraint, transparency, and integrity. Organizations must demonstrate lawful and minimal data use, inform individuals of their data’s purpose, and provide means to access, amend, or delete it as desired.
To satisfy GDPR, companies must establish robust security measures to mitigate data breach risks, balancing transparency with rigorous security protocols.
DCS’s Role under GDPR
GDPR defines two key entities handling personal data: controllers, who determine data usage, and processors, who manage data on the controller’s behalf. DCS operates both as a processor when users input client information into the platform and as a controller in handling its own service-related data.
This dual role underscores DCS’s dedication to not only meeting regulatory requirements but also easing compliance burdens for its customers.
Key Compliance Actions Taken by DCS
DCS has implemented a series of measures to align with GDPR standards:
Updated Legal Agreements: Revised terms, conditions, privacy statements, and licensing agreements emphasize user consent for personal data use. Marketing data is now gathered with explicit permission, underscoring respect for user preferences.
Appointed Data Protection Officer (DPO): With expertise in law and data protection, Jan Tomaszewski leads compliance efforts, acting as a liaison with GDPR regulators.
Enhanced Data Management: DCS has thoroughly reviewed systems linked to data storage and processing.
Notable rights protected under GDPR include:
Data Access: |
|
---|---|
Right to Information: |
|
Right to Deletion: |
|
Right to Object: |
|
Data Breach Notifications: |
|
Support teams facilitate these requests, following an identification procedure to validate requests.
DCS’s Security Commitment
GDPR calls for stringent security measures—a standard already embedded in DCS’s practices. Here’s how DCS delivers on this promise:
Secure Cloud Hosting: Partnering with AWS for GDPR-compliant services, DCS secures data with 256-bit AES encryption and SSL-protected HTTP access. Regular backups and security evaluations fortify data recovery and resilience.
Authentication and Monitoring: Two-factor authentication, single sign-on (SSO), and IP restrictions guard against unauthorized access. Login history and audit trails add layers of monitoring.
Data Leak Prevention: Designed to avert unauthorized access, DCS allows local storage, JWT-based access protection, and HTTPS-encrypted traffic for private networks, giving users control over their data’s security.
To explore DCS’s full security measures and GDPR alignment, visit our security overview here.
Written by Sarah Park, a guest writer and who wishes to visit Paris again.
Comments