NINE'S COMMITMENT TO DSGVO

WHAT HAS NINE DONE ABOUT GDPR?

HERE IS A SUMMARY OF OUR GDPR ROADMAP AND THE STEPS WE TOOK ON OUR JOURNEY:

  • Thorough examination of the areas of our products influenced by GDPR, customer relations and business partners
  • Appointment of a data protection officer
  • Revision of the nine GTCs
  • Development of a strategy to meet the requirements of the areas of our products affected by GDPR
  • Implementing the necessary changes to our internal processes and procedures to achieve and maintain GDPR compliance
  • Finalizing and communicating full compliance
nine has also worked with numerous external lawyers to understand the new legislation and counter its effects.

WHAT DO NINE CUSTOMERS HAVE TO CONSIDER?

THERE ARE TWO THINGS YOU HAVE TO DO DEPENDING ON YOUR SITUATION AND JURISDICTION. BELOW YOU WILL FIND THE ONLY CHANGES WE CAN FORESEE THAT COULD AFFECT YOU THROUGH THE USE OF NINE'S INFRASTRUCTURE SERVICES:

1. 

Ensure that your terms of use or privacy policy correctly communicate to your users how you use the services provided by nine (and other similar services) on your website or application. This requirement has always been part of nine's Terms of Use, but the GDPR can severely punish you if you have not clearly done so. We recommend that you make sure your policies are up to date and understandable to your readers.


2. 

If you are in the European Union or process or manage data from customers in the EU, you will probably want to sign a data processing agreement with your customers.

 

3. 

Here you can see a copy of the amended terms and conditions. If you have any questions about the content, simply send an e-mail to sales@nine.com.

I AM NEW TO GDPR AND WOULD LIKE TO KNOW MORE DETAILS ABOUT WHAT IT IS.

The EU's General Data Protection Act (GDPR) is considered the most important European data protection law introduced in the European Union (EU) in the last 20 years and will replace the 1995 Data Protection Directive. 

GDPR regulates the processing of personal data about persons in the European Union including their collection, storage, transmission or use. It is important that the term "personal data" is very broadly defined in the GDPR and includes all information relating to an identified or identifiable person (also called "data subject").

It gives data subjects more rights and control over their data by regulating how companies should handle and store the personal data they collect. GDPR also increases the commitment to compliance by increasing enforcement and imposing higher fines if the provisions of GDPR are violated.

The DSGVO strengthens the privacy of EU citizens and obliges organisations to handle data.



If you are a company outside the EU, you should be aware of this. The provisions of the GDPR apply to any organisation that processes personal data of individuals in the European Union, including the tracking of their online activities, whether or not the organisation has a physical presence in the EU.

In summary, here are some of the most important changes that will come into force with GDPR:

  • Extended rights for individuals: GDPR provides for extended rights for individuals in the European Union, including the right to be forgotten and the right to request a copy of personal data stored in their context.
  • Compliance obligations: The GDPR requires companies to implement appropriate policies and security protocols that assess privacy impacts, keep detailed records of data activity and make written agreements with vendors.
  • Notification and security of data breaches: The GDPR stipulates that companies must report certain data protection violations to the data protection authorities and under certain circumstances to the persons concerned. The GDPR also places additional security requirements on organisations.
  • New requirements for profiling and monitoring: The GDPR provides for additional obligations for organisations involved in profiling or monitoring user behaviour of EU citizens.
  • Greater enforcement: According to the GDPR, the authorities can impose fines of up to 20 million euros or 4% of a company's worldwide annual turnover, depending on the severity of the violation and the damage caused. In addition, the GDPR provides a central enforcement body for organizations operating in several EU Member States by requiring companies to cooperate with a leading supervisory authority for cross-border data protection issues.