What is GDPR?
The General Data Protection Regulation (GDPR) is a set of security principles and protocols laid by the European Union to protect the data interests of European Citizens. GDPR aims to ensure that corporations inside or outside the European Union become more transparent about how they collect, handle and process personal user data of European Citizens. The primary goal of GDPR compliance is to eliminate security gaps when it comes to collecting data from the users and allow total data control back to the users.
When the GDPR comes into effect, most organizations that collect, maintain, or process EU residents’ personal data (regardless of the organization’s global location) will be required to implement certain procedures and safeguards for that data.
All About Data
GDPR includes firm definitions for data “controllers” and data “processors.” When considering your privacy at ProProfs, we must take into account the fact that we operate under both conditions at different times.
A data controller collects personal data, which is defined very broadly and includes information such as a name or an email address. At ProProfs, we are data controllers when it comes to our users’ account information.
But it also turns out that you, our users, are also data controllers! Every time you collect personal data in the form of a quiz, course, live chat, survey, etc., you become a data controller, and we become the “data processors.”
Data processors process personal data on behalf of the data controller. For example, you may enter your online course participants’ email address in our system so that you can invite them to take your course. We do not control that data - you do. But we do process that data through our system as a convenience to you.
To accommodate the fact that we are both data controllers and processors, we have been working hard for more than 12 months (and continue to work), toward GDPR requirements.
ProProfs and Privacy
At ProProfs, our highest priority is keeping customer data secure. We are committed to delightful experiences both for our direct users and indirect users for whom our users create content (e.g. quizzes, online training courses, knowledge bases, etc.).
As soon as GDPR was announced in April of 2016, ProProfs began preparations for implementation. ProProfs is committed to taking advanced measures to support and continuously enhance the security of our systems, to ensure that we collect and process personal data in a manner compliant with GDPR or any similar legislation.
At ProProfs, we strive for transparency with our customers and partners. In that spirit, we want to share a few examples of what ProProfs has in place to prepare for the GDPR:
We’ve implemented a number of technical and organizational safeguards designed to protect the security and integrity of your personal data and any data you control in your account.
ProProfs customers who are data controllers can easily access and manage their team members’ data. Specifically, these customers not only are able to directly access, update, modify, and delete data within the ProProfs platform, but they also have the ability to export Organization member and guest information. As for your own personal data, you can always view the data we have collected and make changes from your account management section. You also retain the right to delete your account at any time, which will remove all of your data, and that of your users, from our system.
A Data Processing Agreement for all paid plans
Subprocessor List Request
If you wish to receive a list of sub-processors who handle personal data for ProProfs please complete our form here. On completion of this form and entry of your details through our system, you will receive updates when we add any new sub-processors to this list.