How Recomms AI secures customer data and our GDPR compliance.
The European Union has strengthened data protection safeguards regarding personal information by adopting the General Data Privacy Regulation ("GDPR"). This regulation applies to all individuals and companies that deal with such information in any way. In TetiAI's case, when providing our Recomms AI services, we act as a so-called processor of personal data, which means that we receive data from "data controllers" (our clients) and analyse the data on our servers using a unique algorithm.
Yes, however, the data we process have been pseudonymised. Pseudonymisation is a process that effectively blocks us from identifying data subjects. Any identifiable elements of the individual bits of personal information are unreadable for us. The process of pseudonymisation is done on our clients' side, so we can never learn who, in fact, is behind the pseudonymised data. This means that the database we work with is virtually free of personal information.
Even though we do not process personal information, we have to comply with the GDPR in general. Although our database is pseudonymised, we have implemented safeguards and security that protect the integrity of the data subjects' information we analyse for our clients. Our servers have both physical and software security measures that minimise the risk of unauthorised persons intercepting, deleting, reading or modifying the data we store. We also perform routine penetration tests. Our policy stands on the principle that only essential, well-selected and trained personnel are allowed to interact with the database; furthermore, those interactions are monitored and logged. When interacting with our clients, all communication is done using secure measures. We recognise that all data are precious and should be kept as confidential as possible. Our servers that contain the data we process are located in the European Union, which is considered as a secure destination.
Since we don't know whose personal information we analyse, individuals can execute their right to opt-out from processing only with the data controller (our clients).
No, the database of our clients' information is the most important commodity we have. With our clients we typically sign a data protection agreement that specifies all rules and safeguards in order to comply with the GDPR.
Based on your business model, you might have to obtain consent to use your clients' personal information. Each business is very specific, so in some cases your existing consent is sufficient, in other cases you may need to them to update their consent. Some business models might fall under a different processing category (i.e. legitimate interests pursued by the controller). You may also be obliged to inform your data subjects of Recomms AI's role in the data processing. If you are not sure how to resolve this matter, we suggest seeking professional legal advice.
Higher Conversion Rates · Enhancing the User Experience · Increased Profits · Enhanced Loyalty
_Vb2P_PHrKHnSijDOMqhQG.svg?width=256&quality=80&format=auto){kind=icon}