Exponea has developed the Exponea application with privacy in mind, including compliance with the GDPR, which came into force in May 2018.

Our Exponea application supports our customers in finding the best ways to be compliant with the GDPR. We have created this section of our Docs to ensure you are informed about our features and how to use them to their best potential.

Our independent Data Protection Officer (DPO) also makes sure that Exponea stays compliant. The DPO is tasked with monitoring compliance with the GDPR and other data protection laws, our data protection policies, GDPR awareness training, and audits.

This series of GDPR guides will explain to you the following:

What is GDPR

GDPR (General Data Protection Regulation) has replaced all existing data protection laws across Europe and now shapes the way in which companies handle, protect, and profit from data.
All businesses and not-for-profit organizations that process personal data concerning employees, customers, or prospects who are in the EU and/or are EU citizens fall within its scope, wherever in the world the company is based and even if the data is processed outside the EU.

Controller vs Processor

In the context of data protection laws, you are the Controller of your data while Exponea is the Processor. As the Controller, you decide on the purposes and means of all data processing. As the Processor, Exponea acts on the instructions of the Controller, which is you. This distinction is crucial because Controllers and Processors have different responsibilities with regard to compliance.

As a Controller, you bear the responsibility to ensure and demonstrate compliance with the GDPR, as you are in full control of which data you collect and how you use it. Throughout the document, there will be multiple references to your particular responsibilities as a Controller.

Updated about a month ago

