GENERAL DATA PROTECTION REGULATION
GDPR is a new European Union (EU) privacy law that comes into effect on May 25, 2018. The GDPR harmonizes data privacy laws across the EU and mandates how companies collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether such company has any physical presence in the EU, or even whether it has any EU customers.
The team at Cannalive is fully committed to complying with the requirements of the GDPR. We understand that compliance with a new set of privacy laws can be challenging, and we are here to help with your GDPR compliance initiative by providing you with state of the art GDPR compliant services.
What is GDPR?
The General Data Protection Regulation (GDPR) is a sweeping new EU law which mandates how companies can collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether it has any physical presence in the EU, or even whether it has any EU customers. Companies are also required to pass these obligations down to all of their vendors and suppliers who may also handle personal data of EU citizens anywhere in the world.
What is the definition of "personal data" under GDPR?
The first and most important thing to realize is that the EU concept of “personal data” is much, much broader than the U.S. concept of “PII”. Under EU law, personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. It doesn't have to be confidential or sensitive to qualify as personal data.
What Types of Data does Cannlive EMEA LTD Process?
It’s our customers who control the data stored, edited, and cached across our platform (e.g. e-mail, billing address, phone number etc.). Additionally, we may gather certain information regarding customers age. While it’s not up to us which data we receive, it typically includes items such as contact information, IP addresses, security fingerprints, DNS log data, and website performance data derived from browser activity. We will process such data in order to provide the service to our customers and in accordance with applicable laws, including the GDPR.