Updated: June 6, 2018
The protection of private information is fundamental to the trust Paperwise users have given us when choosing our service. In order to be compliant with GDPR we have implemented the following updates to our platform and practices.
For EU member state customers, we have implemented “zero-load” cookies, which means that cookies will not be put onto a users browser until after preferences have been set. Users that are detected via IP address as coming from a EU member state, upon their first visit to the Paperwise.us website, will be presented with a cookie-pop up box that allows cookie preferences to be set. These cookie preferences can also be changed at any time in the future by visiting the cookie preferences link at the footer of any page on our website (only visible to visitors with EU IP addresses).
Opt-in to Communications:
EU users can opt-in to communications from Paperwise when registering for Paperwise-hosted webinars or downloading whitepapers from our website. Users in other jurisdictions can contact accounting@Paperwise.com to be unsubscribed from marketing emails.
Data Protection Officer
We have appointed a Data Protection Officer (DPO), Jim Hodge, who is an expert on GDPR compliance topics.
Paperwise has entered into Data Protection Agreements with our vendors (subprocessors) to ensure that the privacy and security of our customer data is protected. Paperwise consistently provides its service to all of its customers, and is consistent with the security program on which Paperwise’s annual SOC2 (Type II) third-party audit is premised.
Employee Education and Training
In addition to the privacy training that all Paperwise employees receive during on-boarding and annually thereafter, employees with roles that are customer facing (e.g. sales team) have been trained on GDPR and how it impacts their roles.
Data Subject Rights
GDPR empowers data subjects (aka our users) with certain rights to help assure the privacy and protection of their personal data. These rights include:
- The right to be informed
- The right of access
- The right of rectification
- The right to erasure
- The right to restrict processing
- The right to object
- Rights on automated decision making/profiling