Targetprocess is working with numerous customers in the EU and will comply with applicable GDPR regulations as a data processor when they take effect on May 25, 2018. Working together with our customers, we will also explore options to assist our customers with meeting their own GDPR obligations where required.
Where Do We Stand?
Our ability to fulfill our commitments as a data processor to our customers, the data controllers, is a part of our compliance with GDPR where data controllers are using a third-party like us to process personal data. Because of this requirement, Targetprocess is currently working on making our Terms of Service compatible with GDPR requirements—including appropriate provisions for personal data processing, and balancing risk and responsibility between data controllers and data processors.
International data transfers
Targetprocess, Inc. keeps EU customer data within the boundaries of EEU. When we are required to transfer data outside of the EU in order to provide service, we ensure the sub-Processor complies with GDPR provisions.
The GDPR includes certain requirements on data controllers for the portability of personal data. The data our customers store in Targetprocess is theirs and can be exported in CSV, JSON and XML formats.
Where Do You Stand?
Depending on your usage of Targetprocess, you may find that you have some data maintenance to conduct to be compliant with GDPR. As per our terms of service (point 8.1) we do not allow storage of third-party personal data, however it might be attached in some cases unintentionally.
We will continue to make additional required operational changes resulting from the new legislation, and will keep our customers informed throughout this process.