How Fastvue is Ensuring GDPR Compliance

The new General Data Protection Regulation (GDPR) is coming into effect May 25, 2018, so we are clarifying how Fastvue will comply with the GDPR moving forward.

Administrative headaches aside, the GDPR is a tremendous step in the right direction, and as a global business it is important that we align our data practices with the high standards set by the GDPR.

Here is an outline of how we are ensuring GDPR compliance by May 25th, 2018:

1. We have conducted a full audit of how, where and why we store data and are making all necessary changes to consolidate and appropriately secure this data.
2. We've appointed a Data Protection Officer that can be contacted directly via [email protected] to discuss specific concerns.
3. We are rolling out a new Privacy Center, including:
   • A new GDPR-compliant Privacy Policy.
   • A Subject Access Request form to request your data that we have on file.
   • An Erasure Request form, in line with your right to be forgotten.
   • Cookie and tracking controls.
   • The ability to unsubscribe from marketing communications.
   • Contact details for our data protection officer.
4. Additional consent options will be provided when we request your details when downloading our software, requesting quotes, or submitting any web forms.
5. We are obtaining additional consent for previously collected details (you may receive an email to reconfirm your subscription preferences)
6. We are signing Data Processing Agreements (DPA's) with all our data processors (organizations we use that store your personal data on our behalf).
7. We are reducing the amount of information we collect in our WebSpy Vantage registration/activation requests to the bare minimum we require to validate a registration.
8. Improving internal processes around data access and protection.
9. Other items as we come across them in our ongoing quest for data security and privacy.

Is Fastvue a Data Processor?

Fastvue is not a data processor as defined by the GDPR. According to the GDPR, a data processor is responsible for processing personal data on behalf of a controller.

Fastvue provides software that you download on your own system. We are a data controller for the data you submit to us when downloading, purchasing and registering our software, but we are not a data processor for the data processed by our software, as the processing and storage of data is performed on your own system, not ours.

At no point does Fastvue or WebSpy's software upload your network's log or report data to our own servers or systems.

We recommend that you secure the Fastvue Reporter web interface so that only authorized personnel can access it (search the support portal for the product you are using for steps on how to do this), and secure access to your Fastvue and/or WebSpy Vantage servers in accordance with your compliance requirements.

Of course, we are happy to assist our customers as best we can with their GDPR requirements as they pertain to their use of our software, and we are discussing ways we can implement additional GDPR features and controls into the software, where feasible.

If you have questions, please email us at [email protected].