GDPR

The general European data protection regulation (GDPR) entered into force on May 25, 2018. This text created new obligations for companies that, like Moodwork, process personal data and new rights for the people affected by them. processing, in particular the right to be forgotten and the right to data portability.

Data governance and compliance with general data protection regulations are subjects that we take seriously at Moodwork. This drives our design and development processes on a daily basis.

This is why Moodwork undertakes to comply with the provisions of the law relating to
Information Technology and Liberties of January 6, 1978 (the Data Protection Act) and the regulations
General Data Protection (EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016, hereinafter the "GDPR").

As part of the GDPR, Moodwork intervenes exclusively as a processor of personal data.

As a subcontractor for the processing of the Customer's personal data, Moodwork undertakes to:

(I) Process the Data only for the purpose of performing the Customer Agreement.

(II) Process the Data in accordance with the Client's documented instructions.

If Moodwork considers that an instruction constitutes a violation of the GDPR or any other provision of Union law or of the law of the member states relating to data protection, it immediately informs the Client and does not implement this instruction . In addition, if Moodwork is required to transfer data
to a third country or to an international organization, under Union law or the law of the Member State to which it is subject, it must inform the Client of this legal obligation before processing, unless the relevant law prohibits such information for important reasons of public interest;

(III) Guarantee the confidentiality of the personal data processed

(IV) Ensure that the persons authorized to process personal data:

  • Commit to respecting confidentiality or be subject to an appropriate legal obligation of confidentiality,
  • Receive the necessary training in personal data protection;

(V) Take into account, with regard to its tools, products, applications or services, the principles of protection of personal data from the design stage and protection of personal data by default.

(VI) Implement security measures: Moodwork undertakes to implement the technical and organizational measures guaranteeing a level of security adapted to the risk, including, among others:

  • Pseudonymization and encryption of personal data
  • The means to guarantee confidentiality, integrity, availability and resilience constants of treatment systems and services;

(VII) Maintain a processing register, identifying and updating all of the processing carried out on the personal data transmitted to it;

To find out more, you can at any time ask your questions to our data protection officer by email by contacting him at this address: [email protected].