Data Privacy Regulations and Frameworks are laws, regulations, or standards that provide data protections for users of software applications and internet websites.
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. Though it was drafted and passed by the European Union (EU), it imposes obligations on organizations anywhere that collect or process personal information from individuals who live in the European Union (EU).
All Symplicity solutions fully comply with GDPR and any other applicable data protection regulations. As a standard part of our partnership with our customers, the customer will always remain the Data Controller, and Symplicity is a processor of all personal data processed on the application(s), on behalf of our clients. All data is stored in the secure cloud, underpinned by Amazon Web Services (AWS).
The EU GDPR is an EU Regulation and it no longer applies to the UK. If you operate inside the UK, you need to comply with the Data Protection Act 2018 (DPA 2018). The provisions of the EU GDPR have been incorporated directly into UK law as the UK GDPR. In practice, there is little change to the core data protection principles, rights and obligations. Now the EU has approved adequacy decisions for the UK, most EEA processors will be able to send personal data back to UK controllers with no restrictions.
Symplicity solutions fully comply with UK GDPR. As a standard part of our partnership with our customers, the customer will always remain the Data Controller, and Symplicity is a processor of all personal data processed on the application(s), on behalf of our clients. All data is stored in the secure cloud, underpinned by Amazon Web Services (AWS).
If you’d like a deeper understanding of how Symplicity approaches security, you can read more here, or contact your account team for more details.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian provinces as supplemented by substantially similar provincial privacy laws in Alberta, British Columbia and Québec. PIPEDA also applies to international and interprovincial transfers of personal information.
Symplicity is in compliance with all legal and regulatory requirements in the Canada region on systems used to support Symplicity clients.
The CCPA gives the residents of California the right to know how businesses are handling their personal information. The new law mandates companies to inform consumers about the data collected or shared while giving them the right to access, control, delete, and opt-out.
Symplicity complies with the California Consumer Privacy Act (CCPA).
The Privacy Act 1988 (Privacy Act) is the principal piece of Australian legislation protecting the handling of personal information about individuals. This includes the collection, use, storage, and disclosure of personal information in the federal public sector and in the private sector.
Symplicity is compliant with its obligations under the Privacy Act.
The Personal Data Protection Act (PDPA) provides a baseline standard of protection for personal data in Singapore. It complements sector-specific legislative and regulatory frameworks such as the Banking Act and Insurance Act. It comprises various requirements governing the collection, use, disclosure and care of personal data in Singapore.
Symplicity complies with the PDPA clauses.