DealRoom and GDPR

As of May 25, 2018 the General Data Protection Regulation (GDPR) has been in effect which has fundamentally changed the way organizations think about data privacy. At DealRoom, not only is our data one of our most important assets, our customer’s data is just as critical. This is why the privacy, confidentiality, integrity and authenticity of all data was taken into consideration and built into our business from the very beginning. This is how DealRoom addresses the seven principles of GDPR:

1. Lawfulness, fairness and transparency:

DealRoom’s core mission is to provide a single platform that can be used by organizations to collaborate on deals and eliminate inefficiencies. In doing so, DealRoom never collects or processes any customer information that would be considered unlawful, or have an adverse impact on any individual. DealRoom is open, honest and complies with the transparency obligations of the right to be informed.

2. Purpose limitation:

DealRoom has clearly defined the purpose for collecting and processing all customer information, including personal information. This purpose is documented and outlined in our privacy policy which is publicly available on our website.

3. Data minimization:

DealRoom only collects the personal information necessary for normal use of the services as outlined in the privacy policy. All data is reviewed on a regular basis to ensure that we only retain what is necessary and any other is securely deleted and removed from our systems.

4. Accuracy

DealRoom takes careful consideration of the challenges of maintaining accurate personal information. All reasonable steps are taken to ensure any personal data stored is accurate and not misleading in any way. Additionally, DealRoom is transparent about all data collected and provides the appropriate channels to address any incorrect or misleading information.

5. Storage limitation:

DealRoom maintains strict data storage and retention policies that are regularly reviewed. In part of the DealRoom platform, our customers maintain full control over their data and have the right to remove it at any time. Data is regularly reviewed and securely removed when no longer required for business purposes.

6. Integrity and confidentiality (security):

Information and data security are of critical importance to DealRoom. DealRoom has implemented an information security program that addresses the confidentiality and integrity of all information throughout the organization. Customer information within the DealRoom platform is encrypted both in storage and in transit to ensure it remains secure. Additionally strict access control is maintained so only personnel with a need to know have access to sensitive customer information. The information security program is reviewed on a regular basis to ensure the appropriate threats and risks are identified and addressed.

7. Accountability:

DealRoom takes responsibility for the privacy of all information and compliance with applicable regulations including the GDPR at the highest levels of the organization’s leadership. Policies and procedures supporting compliance with these requirements are reviewed on a regular basis.