ManageBac has been committed to data privacy for over 10 years and welcomes the new regulations.  We will do our part to ensure that all our customers are GDPR compliant before the May 25, 2018 deadline.

General Data Protection Regulation (GDPR)

In April 2016, the European Union approved a new data protection regulation which will go into effect on May 25, 2018. The General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and local law and regulations across the EU/EEA. It contains some of the most sweeping changes to data protection regulation in Europe, and is designed to reinforce individual rights to privacy and harmonize laws across Europe pertaining to data storage and use.

To read more about GDPR, please click here.

Our Customer Commitment

As one of the world’s only learning platforms with ISO 27001:2013 information security certification, we are well prepared for the upcoming GDPR changes with a strong set of organizational and technical security measures. ManageBac has been designed from the start with personal data protection in mind, and we pride ourselves on offering schools, students and parents the highest level of security.

For the cloud services we provide to our customers and their end users, ManageBac is what both existing and new EU regulation defines as a “data processor”. As a data processor we do not decide the purpose or lawfulness of the processing. Rather, we process data on our customers’ behalf. The GDPR regulations force stricter requirements upon all processors of data. We will fully comply with these requirements for all of our services, including ManageBac, OpenApply and Integration partners.

Over the last year, we have worked to analyze the new requirements and make the necessary changes in our services and internal workflows. In the next few months, we will provide you with documentation, contract addenda and suggested protocols that you may need to prove your compliance. On our side, we expect to be fully compliant by the end of Q1 2018, well in time for the new regulations.

As a part of our commitment to GDPR, you can expect ManageBac to:

  • Ensure organisational and technical security for all services.
  • Assist with documentation to demonstrate compliance and keep users informed.
  • Provide new contract addenda that comply with GDPR requirements for Data Processing Agreements (DPA)
  • Offer support when your users exercise their data subject rights.

For a complete overview of what we are doing for GDPR Compliance, please visit the ManageBac Terms of Service.