EU General Data Protection Regulation (“GDPR”) Compliance Statement

Our Commitment

At Displayr data security is a priority for us and, as such, compliance with the GDPR is necessary to maintain our firm commitment to the protection and safeguarding of the personal data that we collect and process. In order to be GDPR compliant, we have reviewed and updated, where necessary, all our data protection processes, policies and controls.

There are two categories of personal data that Displayr may have access to and our responsibilities with respect to each are different:

  1. Personal data that is part of Displayr or Q user accounts
  2. Personal data in data sources uploaded to Displayr or Q (i.e. your data)

1. Personal Data that is part of Displayr or Q user accounts

In accordance with Article 13 of the GDPR, we must be transparent as to the purpose and use of the data collected, as well as provide details as to which third parties will be in contact with this data. As outlined in our privacy policy and terms of use, collecting personal data is a contractual requirement in order to comply with our legal obligations and enable us to perform our duties as a business. We are required by law to keep this data according to our confidentiality agreements and applicable taxation laws.

The personal data we collect is covered under ‘legitimate interest’ in Article 6 (f) as necessary in order to provide customers with our systems and offers and keep the business operating smoothly on a day-by-day basis.

Data Subject Rights

If individuals choose to enforce their data protection rights, we allow, as per Articles 12 to 23, their rights to request access to, amend, delete and restrict personal data from being processed, as well as lodge a complaint.

2. Personal data in data sources

Data which you upload or connect to Displayr or Q may contain personal data subject to GDPR and you are responsible for identifying this within your own data source.

You may export data from Displayr or Q (such as in a QPack, PowerPoint file, PDF or CSV file) and this export may contain personal data to the extent personal data is included in the data sources.

For Displayr and Q, you are the controller of personal data in your data sources and this means that you have certain responsibilities with respect to GDPR. These will include identifying personal data, keeping it secure, governing its use and facilitating the rights of data subjects.

For Displayr and Q, we are the processor of this personal data. Our terms of business state that we will comply with the GDPR requirements for data processors (https://www.displayr.com/terms-of-use/ and https://www.qresearchsoftware.com/license-terms)

Q is installed locally behind your own firewall and your data is not automatically transmitted to us. Our teams also do not have any built in connection to your software that would enable them to access your data. Where R calculations are performed with Q, your data, which may include personal data, may be sent to our R servers. There is no storage or backup of this data.

We currently have servers in the US, Canada, Western Europe, South-East Asia and Australia. For Displayr we do not guarantee on which server your data will be stored. If you require this guarantee you should speak to your Displayr contact. We have incorporated standard contractual clauses into our terms of business as required for our EU and UK customers.

Subprocessors

Displayr currently uses the following subprocessors to process personal data in the provision of software services:

Subprocessor Entity Country Purpose Products
Amazon Web Services US Data hosting facilities Displayr
Microsoft US Data hosting facilities (Azure)

Email and data storage for limited support requests (Microsoft Office)

Displayr, Q
Filestack US File Upload Displayr
Zendesk US Customer support Displayr, Q
Google US Language translation features Displayr, Q

 

Displayr currently uses the following affiliates (see entity and country of registration below) to process personal data, and may be acting as subprocessors in the delivery of the software services and associated support services:

Displayr Australia Pty Ltd Australia
Numbers International LLC US
Displayr Inc US
Displayr New Zealand Limited Partnership New Zealand
Q Research Software Limited UK

 

Customer Requirements

We further require our customers to comply with our stringent data protection policies and only upload personal data for legitimate and necessary reasons whilst still conforming to minimisation rules if data cannot be made anonymous.

Questions

If you have any questions about this document and/or GDPR compliance, please contact us at:

Displayr
https://www.displayr.com
[email protected]

This document was last updated on July 10, 2024

I'm Online

Got 5 mins? I'm online if you want a quick Displayr demo

close-link