Data Privacy Regulations and Frameworks are laws, regulations, or standards that provide data protections for users of software applications and internet websites.
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. Though it was drafted and passed by the European Union (EU), it imposes obligations on organizations anywhere that collect or process personal information from individuals who live in the European Union (EU).
All Symplicity solutions fully comply with GDPR and any other applicable data protection regulations. As a standard part of our partnership with our customers, the customer will always remain the Data Controller, and Symplicity is a processor of all personal data processed on the application(s), on behalf of our clients. All data is stored in the secure cloud, underpinned by Amazon Web Services (AWS).
To understand more about customers' rights under the GDPR, refer to Symplicity's privacy policy in Privacy Policy.
The EU GDPR is an EU Regulation and it no longer applies to the UK. If you operate inside the UK, you need to comply with the Data Protection Act 2018 (DPA 2018). The provisions of the EU GDPR have been incorporated directly into UK law as the UK GDPR. In practice, there is little change to the core data protection principles, rights and obligations. Now the EU has approved adequacy decisions for the UK, most EEA processors will be able to send personal data back to UK controllers with no restrictions.
Symplicity solutions fully comply with UK GDPR. As a standard part of our partnership with our customers, the customer will always remain the Data Controller, and Symplicity is a processor of all personal data processed on the application(s), on behalf of our clients. All data is stored in the secure cloud, underpinned by Amazon Web Services (AWS).
If you’d like a deeper understanding of how Symplicity approaches security, you can read more here, or contact your account team for more details.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian provinces as supplemented by substantially similar provincial privacy laws in Alberta, British Columbia and Québec. PIPEDA also applies to international and interprovincial transfers of personal information.
Symplicity is in compliance with all legal and regulatory requirements in the Canada region on systems used to support Symplicity clients.
The British Columbia Freedom of Information and Protection of Privacy Act (BC FIPPA) is a provincial law in British Columbia, Canada, that grants individuals the right to access government records and personal information held by public bodies in the province. It also sets out rules for how public bodies can collect, use, and disclose personal information. In addition to PIPEDA, Symplicity complies with BC FIPPA.
Bill 64, also known as Quebec Law 25, is a provincial privacy law in Quebec, Canada, aimed at enhancing the protection of personal information. It governs the collection, use, and disclosure of personal data by organizations operating within the province. Quebec Law 25 reinforces individuals' rights concerning their personal information and imposes obligations on organizations to ensure the proper handling and safeguarding of such data.
Symplicity diligently adheres to all legal and regulatory requirements within the Canada region, including compliance with Quebec Law 25, on systems utilized to support its clients. This commitment encompasses a thorough understanding and implementation of the provisions outlined in Quebec's privacy legislation, thereby ensuring the protection and privacy of personal information collected and processed within the province.
Just as Symplicity complies with PIPEDA at the federal level and BC FIPPA in British Columbia, the company similarly aligns its practices with Quebec Law 25 to uphold the highest standards of data privacy and security for its clients and their stakeholders.
The CCPA gives the residents of California the right to know how businesses are handling their personal information. The new law mandates companies to inform consumers about the data collected or shared while giving them the right to access, control, delete, and opt-out.
Symplicity complies with the California Consumer Privacy Act (CCPA).
The Privacy Act 1988 (Privacy Act) is the principal piece of Australian legislation protecting the handling of personal information about individuals. This includes the collection, use, storage, and disclosure of personal information in the federal public sector and in the private sector.
Symplicity is compliant with its obligations under the Privacy Act.
The Personal Data Protection Act (PDPA) provides a baseline standard of protection for personal data in Singapore. It complements sector-specific legislative and regulatory frameworks such as the Banking Act and Insurance Act. It comprises various requirements governing the collection, use, disclosure and care of personal data in Singapore.
Symplicity complies with the PDPA clauses.
