Last updated: April 24, 2018
The European Union’s General Data Protection Regulation (GDPR) is a significant step forward and change in data privacy regulation. Passed on April 26, 2016, GDPR seeks to strengthen and standardize user data privacy across all EU member states by setting forth new and additional obligations to all organizations that interact with EU citizens’ personal data, regardless of where that organization may be located. These obligations become effective on the 25th of May 2018.
PSPDFKit is fully committed to being in compliance with the GDPR and is currently conducting Privacy Impact Assessments on all of our products and services.
The GDPR’s updated requirements are expansive and our team is working diligently to make sure both PSPDFKit and customers of ours are able to be compliant by May 25, 2018. This effort requires a multitude of steps prior to the effective date as well as ongoing obligations after the regulation goes into effect.
Here’s a summary of the steps we are currently taking and will take:
All of our SDK products are intentionally designed to never have access to any of your customers’ or users’ personal data nor does our support platform intend to be used to process any personal data. If you are concerned that the use of our SDK products or support platform could categorize us as a third party vendor data processor under GDPR, then please send your concerns to [email protected] so that we can determine what steps we can take to assist you in fulfilling any obligations you may have as a data controller.
PSPDFKit is currently developing a process to handle intake, review and process we receive or any customer requests arising from Data Subject Access Requests (DSAR) they receive. As a result of a DSAR, a customer or users of ours might request that PSPDFKit securely delete or return the Data Subject’s personal data. Since DSAR are inherently very sensitive, such requests will be handled by PSPDFKit on a case-by-case basis.