Auvik Compliance Initiatives
What is GDPR?
The General Data Protection Regulation (GDPR) is a set of data governance laws that went into effect within the European Union on May 25, 2018. Wikipedia has an excellent overview of the regulation here.
Organizations outside the EU are also affected, since any organization that works with the personal data of EU residents now has obligations to protect the data.
What has Auvik done about GDPR?
At Auvik, we’ve always honored our users’ right to data privacy and protection. The Auvik platform doesn’t need to collect and process personal user information beyond what’s required for administering our platform. Any data we do collect is always transmitted over a secure channel and encrypted at rest.
Auvik has taken the necessary steps to be GDPR compliant and understand our obligation as a data processor to support our partners in their GDPR compliance.
Will Auvik sign a Data Processing Addendum?
Yes. Note that we have updated Auvik’s general terms of service to include a data processing addendum (DPA) for all customers but we can review and sign your DPA if you prefer.
SOC 2 TYPE 1
SOC 2 is an audit report on controls at a service organization relevant to security, availability, processing integrity, confidentiality and privacy. It’s the most recognized compliance criteria for cloud vendors around the world.
SOC Type 2 in progress, targeting Q2 2019