Preparing for a new era in privacy regulation – Nationwide Payment Systems’ Commitment INTERCHANGE SECRETS hereby refers to all marks and trade-names under INTERCHANGE SECRETS and any other products on our website.

On May 25, 2018, the member countries of the European Union (EU), including the United Kingdom, began to enforce a much more stringent European Union (EU) data protection regulation called the General Data Protection Regulation (GDPR). We are fully compliant with the GDPR regulation and provide GDPR related assurances in our policies, such as our Privacy Policy, and our contractual commitments.

The GDPR is designed to harmonize data protection and privacy laws across Europe and to further empower all residents of the EU to control their own personal data. Significantly, all companies and organizations around the world that offer goods and services to European residents are subject to GDPR, and penalties for noncompliance are significant.

At INTERCHANGE SECRETS we acknowledge that the GDPR is an important business and organizational issue around the world, that is ignored at your peril, and we want to help our customers adapt to the new reality of GDPR.

This document gives an overview of the steps we have taken and helps address questions you might have about GDPR and INTERCHANGE SECRETS.

 

WHAT IS GDPR?

On May 25, 2018, the member countries of the European Union (EU), including the United Kingdom, began to enforce a new data protection regulation, the General Data Protection Regulation or Regulation (GDPR). The GDPR is designed to harmonize data privacy laws across Europe at a higher level, to protect the personal data of residents of EU countries and empower them to be proactive about the treatment of their personal data by organizations that collect or use it, and to reshape the way organizations throughout the world approach data privacy.

 

WHO DOES THE GDPR IMPACT?

The GDPR applies to organizations located within all EU countries, which comprises most of Europe, in addition to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, natural persons or ‘data subjects’ located in the European Union. It applies to all companies’ processing personal data, which means collecting, recording, organizing, using, storing, modifying or disclosing the personal data of data subjects residing in the EU, regardless of the company’s location.

 

WHAT STEPS HAS INTERCHANGE SECRETS TAKEN TO COMPLY WITH GDPR?
  • Mapping an overview of all our systems to document the use of personal data.
  • Introducing an updated Privacy Policy that reflects our obligations under the GDPR.
  • Reviewing and revising our vendor agreements and implementing new processes to address the GDPR sub-processor requirements.
  • Making technical changes to our platform that will enable us to support the GDPR’s requirements and the enhanced rights of data subjects.
  • How INTERCHANGE SECRETS demonstrate compliance with GDPR? To our knowledge we have fully complied with it’s requirements and have reviewed our compliance with legal council.
  • What constitutes “personal data” under GDPR?
  • Any information related to a natural person (called “data subject”) resident in the EU that can be used directly or indirectly to identify that person. It can be anything from a name, a photo, an email address, job title, or company to an identification number, location/GPS data, or a factor specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the data subject.

    WHAT PERSONAL DATA DOES INTERCHANGE SECRETS COLLECT FROM ITS USERS?

    When you fill out registration to a trial use of INTERCHANGE SECRETS software, customer support forms, request a demo, buy a product or ask to receive our blog, special discounts or offers or participate in the INTERCHANGE SECRETS Community on the INTERCHANGE SECRETS website (interchangesecrets.com), or proactively provide us with other personal information, we collect that information. For example, to create an account we ask only for an email address and password. In other circumstances, such as when you complete a form related to the purchase/license of a particular product offering, we may need you to provide other information, which may include your name, phone number, payment information, and/or postal address.

    In addition, your device automatically provides information to us so we can respond and customize our response to you. This generally includes technical information about your computers, such as your IP address or another device identifier, the type of device you use, and operating system version. It may also include usage information and information associated with your interaction with INTERCHANGE SECRETS.

     

    WHAT DOES INTERCHANGE SECRETS DO TO KEEP ITS USERS’ PERSONAL DATA/INFORMATION SAFE?

    User privacy is at the core of our business. We are regularly enhancing and updating our security platforms, procedures and methods to better protect our users’ personal information and protect their right to anonymity.

    Who should I contact if I have further questions about GDPR compliance and my relationship with NPSBank?

    For more information about INTERCHANGE SECRETS and GDPR, please contact us. Further information on GDPR specifically can be found at www.eugdpr.org.

     The INTERCHANGE SECRETS Team