To safeguard the confidentiality, integrity and availability of data, the OpenMoves platform is hosted on Microsoft Azure. In the US we utilize the East US 2 region, with data backed up to the Central US region. European data is held in the West Europe region, with data being backed up to the North Europe region. All Azure facilities meet a broad set of compliance standards, details of which can be found here. A map showing the Azure data center locations can be found here.
In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.
OpenMoves has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.
We are committed to our principles of cloud trust, data protection, and data security. We intend to provide platform functionality to address the privacy demands of our customers. As the GDPR enforcement begins, here is what else you can expect from us:
While OpenMoves is fully committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behaviour of, EU residents. As such, it is important to understand your obligations related to GDPR regardless of where your organization resides.
It will take time, tools, processes and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices.
We want to make it really easy customers to comply with GDPR regulations. You'll start seeing changes soon.
We understand that you must be able to entrust your chosen email and automation provider with one of your most valuable assets - your data. To gain that trust we continue to invest in technology and resources to build security and privacy into our platform. We operate a policy of transparency and aim to provide you with the information you need to feel confident in using us.