The European Union’s General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. It provides new protections for EU citizens and residents with regard to handling of personal data by service providers. Spatial Networks has been working to ensure Fulcrum is ready to meet the needs of our users with regard to GDPR. The following information summarizes our readiness to address GDPR.
Right to Be Forgotten
You may need to delete customer data in order to comply with data protection and privacy regulations. Fulcrum offers a rich set of features to help you meet your obligations under the GDPR. Fulcrum customers can delete their own data at the organizational/account level. For individual requests following a data subject request, customers can permanently delete their data by creating a support ticket.
Spatial Networks customers may use the Fulcrum export tools to export data in a variety of open formats, including CSV, Microsoft Excel (XLSX), and JSON.
Fulcrum works seamlessly with vendor-provided device encryption on iOS and Android to support encryption at rest on mobile devices in the field. When data is synced to the cloud, it is encrypted in transit using TLS. Data is accessible only through the Fulcrum API, which applies role-based access control to prevent unauthorized access. Further information about security can be found on the Fulcrum security page.
To comply with GDPR requirements, customers may opt to house their data within the borders of the EU.