GDPR

Privacy Protection You Can
Count On

Defend privacy rights while sharing personal data. Our platform enables easy compliance with the strict regulations that apply to any organization doing business with citizens or residents of the European Union.

Guard Personal Data

If your company collects any data from EU citizens or residents, you are subject to GDPR Compliance and are considered a Data Controller, requiring you to:

Have explicit consent from users whose data you collect.
Notify the proper authorities within 72 hours of a known data breach.
Provide EU consumers the right to access the data collected from them.
Provide the right to erasure or the right to be forgotten. This allows the consumers to request that any and all data previously collected by your company is erased.

After its passage by the European Parliament, the General Data Protection Regulation (GDPR) took effect in 2016. As of May 2018, this law has applied to all organizations that either process the personal data of EU citizens or residents, or offer them goods or services.

GDPR originated in Europe but it imposes obligations that apply worldwide to anyone handling the personal data of people in the EU. Under the regulation, organizations must be diligent in guarding personal data and prove how they protect it.

Understanding the Key Data Protection Principles of GDPR

Read how our platform enables you to meet or exceed critical security and privacy standards to ensure your data is safe, making it easy to share files in accordance with the GDPR principles for data protection that range from transparency to accountability.

Find Out More

Lawfulness, Fairness, and Transparency Our platform enables transparency by helping you keep records of your client data with administrative logs and file access logs that are ready when needed.

Purpose Limitation This principle holds that you must process personal data for the purposes specified to your EU customer. As a processor, we will only process or use Personal Data in accordance with the scope of our data processing agreement and our Terms of Service.

Data Minimization Minimization of data means that your organization should handle only as much data as necessary for the specified purposes. Our platform provides unlimited folders to help you delineate your files, and it’s easy to delete data that’s no longer needed, either manually or using file retention rules.

Accuracy To satisfy the conditions of this principle, your organization must ensure that people’s personal data is current and accurate. Our platform supports this by providing a secure place for keeping up-to-date customer information.

Storage Limitation

You can choose the number of days after which data is automatically deleted from our system to align with your organization's policy for holding personal data. You can also use SFTP scripting to ensure data is deleted in a timely manner.

Integrity and Confidentiality

We use AES-256 encryption at rest and our TLS 1.2 encryption in transit encryption modules are FIPS 140-2 validated. With flexible access controls, MFA, and more, our platform helps to ensure the integrity and confidentiality of personal data.

Accountability

Your data controller must be able to demonstrate your organization's compliance with the Data Protection Principles. Our platform lets you easily access and view user controls, access to folders, and more through our reporting and logging.

Store and Share EU Customer Data

Sharetru helps your organization stay GDPR-compliant by:

Protecting your data with industry best practices.
Notifying you within 48 hours in the unlikely event of a data incident.
Responding to any right to access or right to erasure requests from EU consumers by making you fully aware of the request.
Providing you with a secure file sharing solution with data protection by design at its core.
Enabling you to control IP access points by country or by IP address.
Providing authentication and access through OTP so only approved individuals can access client data.
Giving easily exportable and immutable file logs for auditing and reporting.

Besides supporting privacy and data security, GDPR compliance boosts your credibility and engenders trust among your customers. By proving your organization’s commitment to protecting personal data, you bolster your brand’s reputation and create opportunities to reach new markets.

Whatever file sharing solution you choose, it should make complying with GDPR as easy as possible. Our private cloud-based platform has what you need: a professional Data Processing Agreement (DPA) available with qualified plans.

Browse Additional Resources

See all resources here

Blog

Data Security Breaches: Consequences and Prevention Best Practices

This blog deep dives into security breaches in file transfer/file sharing, the consequences and how to avoid falling victim to a cybersecurity attack.

Ready for a Demo?

Don’t just take our word for it. We’ve been leading the charge in secure online file sharing since the very beginning, and we’d love to show you how we do it. Schedule your demo today.

Privacy Protection You CanCount On