Ensures you are in compliances with GDPR when working with vendors outside EU
Also, when subsidiary parties to your vendor are processing your data
GDPR data exchanges control outside EU can be very cumbersome and very worrying.
Transfers of personal data to third countries are regulated under Articles 44-50
of the General Data Protection Regulation (Reg. EU 2016/679).
Adequacy Decision is how Non-EU countries has an adequate level of data
Where the transfer is to a destination which does not ensure an adequate level of
data protection, controllers or processors transferring personal data, may still
carry out such transfers provided that appropriate safeguards as specied under
Article 46 of the GDPR are introduced. These safeguards may be provided by
- a legally binding and enforceable instrument between public authorities or bodies
- binding corporate rules
- standard data protection clauses adopted by the Commission
- standard data protection clauses adopted by a supervisory authority and approved by the Commission
- an approved code of conduct
- an approved certification mechanism
Using CIMS DPS is allowing your vendors to work on your data, while nothings is exchanged
All your data stays at CIMS EU based servers and access is only given via your DPS instance.
The DPS instances is your company owned CIMS protected single dedicated server
Fully configurable on different level of SENSITIVITY DATA:
A: Very sensitive data: covering Article 9 data in GDPR
B: Medium sensitive data: Covering Article 6 data in GDPR
C: Non-personal related data, non-group or sub-group relateddata, data of already known public knowledge
Full control over any data exchange, export and distribution
Export, exchanges, distribution can only occur with your approval. When approving request all is documented and stored at your private DPS instances.