The European Union’s General Data Protection Regulation (GDPR), which becomes effective in May 2018, requires companies to be accountable for how they use, manage and maintain the personal data of their customers and employees.
We provide our clients with enterprise-grade controls to manage, govern access and ensure security of personal data housed in the CardioMood Cloud.
All personal data or personally identifiable information (PII) in the CardioMood Cloud are stored securely in our datacenters in Switzerland. We use encryption to protect data in transit and at rest. Data in transit to our applications is protected using HTTPS. Our personnel are required to execute a confidentiality agreement and must acknowledge receipt of, and compliance with, CardioMood’s confidentiality and privacy policies. Personnel handling Customer Personal Data are required to complete additional requirements appropriate to their role and will not process Customer Personal Data without authorisation.
CardioMood Cloud automates GDPR compliant deletion of customer data for customers requesting “right to be forgotten” requests. You can manage your personal data directly in our CardioMood cloud portal. We offer the possibility to directly delete your account and all your personal data. CardioMood’s applications also provide data export and modification that comply with GDPR.
CardioMood purges personal data from internal processing systems to minimise the data we retain per GDPR Article 5. Our system retains customer data until our customers delete it or not use our service after a long period.
Don’t hesitate to contact us to find out more about how we’re helping keep your data private, accurate and secure. Please contact us by email at privacy@cardiomood.com
