Last updated on 24 December 2019
The General European Data Protection Regulation (GDPR) begins on 25 May 2018. This important piece of regulation entails new obligations for companies such as PayFit which process personal data. GDPR also establishes new rights for the people whose data is being processed, in particular the right to forget and the right to data portability.
PayFit has already taken all the necessary measures to be GDPR compliant, and therefore offers its services within a secure and clear legal framework. Since the beginning of its activities, PayFit’s main focus has been the protection of personal data and the application of GDPR provides an opportunity to strengthen this protection for the benefit of PayFit's customers and, ultimately, the people whose data is processed.
Among the measures implemented by PayFit to ensure GDPR compliance:
- the establishment of a clear contractual framework, where the obligations and responsibilities of PayFit and its customers with regards to the collection and processing of personal data are precisely defined.
It should be noted that, as part of the services offered to its customers, PayFit acts as a subcontractor for them. It is therefore also the responsibility of the latter to ensure that their operations comply with GDPR, in particular with regards to the collection of personal data which is then transmitted to PayFit;
- the creation by PayFit of a register of processing operations, identifying and updating all processing operations carried out on the personal data transmitted to it;
- the implementation of a procedure to secure personal data to reduce as much as possible the risks of data breach, and the implementation of a CNIL (Commission nationale de l’informatique et des libertés) information protocol in the event of such a breach;
- the appointment of a Data Protection Officer (DPO), who is responsible for ensuring internal compliance with PayFit's data protection policy and acting as an interface with the CNIL.
To learn more about how PayFit uses your data, you can read the following documents:
- If you have applied for a job position at PayFit, you can find detailed information about how your data is processed by clicking here.
- If you are part of a company that uses PayFit, any information relating to the processing of your personal data must be requested directly from your employer, in which case PayFit acts as a subcontractor.
- If you are part of the PayFit Tester community, you can find detailed information about how your data is processed by clicking here.
- If you would like to know more about how your cookies are processed, you can click here.