‍

Alumio and its partners give their full commitment to Data Protection and GDPR Compliance.

Alumio and its partners are committed to help customers located around the world with their GDPR compliance readiness journey.

Alumio and its partners will help each customer with offering reporting and consulting services, so each customer is able to:

• describe the nature of the data breach, and if possible categorize and approximate number of data subjects and the categories and approximate number of personal data records concerned
• disclose the contact details of their DPO
• describe the consequences of the breach
• describe measures taken to address the breach

‍
Breach disclosure

According to the GDPR, Alumio shall report the data breach to the regulatory authorities (and sometimes affected individuals), within 72 hours after becoming aware of the breach.

The same applies for the organization or a company that is a data processor. The data processor needs to notify the data controller as soon as possible or within 72 hours after they have become aware of the breach.

‍

As you probably know GDPR protects European Union data subjects’ fundamental right to privacy and the protection of personal data. Alumio’s headquarters is based in the Netherlands and therefore Alumio is born and raised with high standards when it comes to privacy, compliance and security of data.

Alumio enables companies to be able to execute GDPR in the following GDPR business requests:

‍

1. Enhancing existing individual rights and creating new rights to be forgotten and to data portability
   
   Alumio can help organizations to execute requests of customer to delete their personal data, which can be stored in multiple software applications.
   ‍
2. A right to erasure and the right to be forgotten
   
   A new right to data portability means that you have to be able to make sure customers can change their privacy settings, which means that you have to change this in all connected software and data lakes.
   ‍
3. the right to receive the personal data
   
   Customers have the right to ask their personal data and to receive this in a certain format. Alumio can help you to gather this information and to send it to requested software or persons via API calls or exporting capabilities of Alumio.
   ‍
4. Businesses will need to implement effective user interfaces
   
   Every company should offer a user friendly way to give customers access to their privacy information and give them the ability to see, change and delete these. As interfaces can communicate via API’s requests, Alumio is a matching combination for each of you user friendly solution.
   ‍
5. Enhanced rights to notice, access, rectification and to object to processing
   ‍
   Controllers had to provide data subjects with certain minimum information before collecting personal data. These disclosures included the identity of the controller, the purposes of processing, and any recipients of personal data.
   ‍
6. Erasure and the right to be forgotten, means that you have to be able to remove data from (external) sources, such as databases, websites, content, (internal) search engines, etc.
   
   Alumio can be used to send the data to all the sources and if so, Alumio will save all this data. It can be requested via API, or just by using the services for reporting and logging capabilities of Alumio.