GDPR Measures at Splashtop
Protecting the personal data of our customers has been and continues to be our top priority. We understand our obligations and responsibilities as a Controller and as a Processor for GDPR. We have taken the following steps to be GDPR ready.
- Data Protection by design: We have implemented affirmative consent where all of our customers must opt in first to share their personal data with us during signup, and they have the means to withdraw later on. We have reviewed and implemented processes to make sure we only collect and process personal data that is necessary to provide the service to our customers. We make sure all personal data is protected with strong industry security standards and best practices, both in transmission and storage.
- Data Governance: We have identified and mapped all personally identifiable information (PII) we collect, what we are doing with it, where it flows and who has access to it. We have signed Data Processing Agreements (DPA) with our third-party service providers to ensure they are also committed to GDPR.
- Process and Communication: We have formally reviewed our GDPR readiness with a third-party professional firm, put in place additional processes, and set up proper communication channels to handle all GDPR-related inquiries and tasks both internally and externally.
If you need to sign Data Processing Agreements with us, or have any questions about or need further information concerning the legal basis on which we collect and use your personal information, or your rights, please contact us at firstname.lastname@example.org.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. The standard was created to increase controls around cardholder data to reduce credit card fraud. PCI compliance is required for organizations that store, manage and process cardholder information.
Splashtop is not a payment solution and we do not store our users’ credit card or financial data in our system.
Splashtop uses third-party vendors to store and manage cardholder data and conduct online transactions. We provide secure connections to our PCI-compliant payment vendors to ensure compliance.
Every business that is part of the U.S. healthcare industry must comply with Federal standards regulating sensitive and private patient information. In addition to protecting worker health insurance coverage, HIPAA sets forth standards for protecting the integrity, confidentiality, and availability of electronic health information.
While no single product or solution can make an organization HIPAA-compliant, the Splashtop remote access products for business can help organizations meet HIPAA guidelines for the privacy and security of remote access to healthcare information and can be used within a larger system to support HIPAA compliance.
White Paper: Splashtop HIPAA Compliance and Security
SOC 2 Compliance
Splashtop’s SOC 2 audit is expected to be completed and compliance information published by the end of the year.
Splashtop’s business products are specifically built to give IT full control over securing the data while giving employees the flexibility to access it from anywhere. They are especially applicable to organizations operating in industries with stringent legislative and compliance regulations where controls for data privacy and systems security are mandated. Splashtop security features also help support HIPAA and ISO 27001 compliance.
Learn more on our Splashtop Security Features web page.
If you have any further questions, please contact us at email@example.com or (408) 861-1088 x125.