In the coming months, businesses and organisations across the globe which handle business with EU residents are preparing for the arrival of a new law. On May 25, 2018, the new standard of data protection called GDPR will take effect and place several new obligations on companies handling or tracking personal data.
At Marvel, we’re committed to fulfilling our obligations and ensuring that our customers understand and prepare for the new law. To keep everyone up to date and our methods transparent, we’ve created this page. Think of it as our GDPR hub, containing the latest news, plans and resources for ourselves and our customers - but here’s an overview to get started.
First things first, what is GDPR?
GDPR stands for General Data Protection Regulation and is a new comprehensive data protection law in the EU that replaces existing laws to strengthen the protection of personal data and the rights of the individual. It will be a single set of rules, directly enforceable in each EU member state.
Co-op Digital have broken down the new law’s terms into digestible posters which really help individuals to understand what GDPR means for them. Things like:
- The right to be forgotten - Without a compelling reason to keep your data, then an organisation must delete it
- The right to move your data - You can obtain and reuse your personal data with other services and providers
- The right to say no - You can stop direct marketing and data processing when there’s no ‘compelling reason’ to do it
How are we preparing for GDPR at Marvel?
To ensure we’re going above and beyond to meet our legal obligations, and help our customers to become compliant, we are making some key policy, product and term updates - including:
- Our internal security and NOC team have spent the last year evaluating our internal data processing procedures and getting ready for GDPR. This means all of our customer's personal data is in good hands.
- We're making product changes that allow our users to manage their data in a private, safe and secure way.
- Marvel is an EU based company. This means all of our EU customer data is stored within our servers in the EU and will not be transferred outside of the EU without our customer's consent.
- All of our internal teams have undergone training and auditing to ensure that we are complying and handling all of our customer data within the requirements of GDPR
Security and Privacy at Marvel
At Marvel we task the security and privacy of our customers information very seriously and are dedicated to staying ahead of the curve and providing the best service. Our customers and partners expect no less from us; in everything we do we keep this in mind and continuously invest time and resources in it.
Our data centre providers maintain multiple certifications, including SOC 1, SOC 2, SOC 3 and ISO27001. In addition all data is encrypted both in transit and at rest using strong encryption.
We are constantly monitoring and improving Marvel to create a robust security framework that allows us to meet the growing needs of the industry. You can read more about our security policy here.
Our team is here to help
We're excited to work with our customers and partners in further strengthening data privacy with GDPR. Should you have any questions on security, privacy or data, our London-based team is here to help , so please don’t hesitate to get in touch.
For more information on GDPR, read the full report here.
