Ensures you are in compliances with GDPR when working with vendors outside EU

Also, when subsidiary parties to your vendor are processing your data

GDPR data exchanges control outside EU can be very cumbersome and very worrying.

Transfers of personal data to third countries are regulated under Articles 44-50
of the General Data Protection Regulation (Reg. EU 2016/679).

Adequacy Decision is how Non-EU countries has an adequate level of data
protection.

Where the transfer is to a destination which does not ensure an adequate level of
data protection, controllers or processors transferring personal data, may still
carry out such transfers provided that appropriate safeguards as specied under
Article 46 of the GDPR are introduced. These safeguards may be provided by
means of:

  1. a legally binding and enforceable instrument between public authorities or bodies
  2. binding corporate rules
  3. standard data protection clauses adopted by the Commission
  4. standard data protection clauses adopted by a supervisory authority and approved by the Commission
  5. an approved code of conduct
  6. an approved certification mechanism

Using CIMS DPS is allowing your vendors to work on your data, while nothings is exchanged

All your data stays at CIMS EU based servers and access is only given via your DPS instance.

The DPS instances is your company owned CIMS protected single dedicated server

Fully configurable on different level of SENSITIVITY DATA:

A: Very sensitive data: covering Article 9 data in GDPR
B: Medium sensitive data: Covering Article 6 data in GDPR
C: Non-personal related data, non-group or sub-group relateddata, data of already known public knowledge

Full control over any data exchange, export and distribution

Export, exchanges, distribution can only occur with your approval. When approving request all is documented and stored at your private DPS instances.