How Clickatell is maintaining GDPR compliance

The General Data Protection Regulation (GDPR) is a Regulation by the European Commission with the intention of making data protection stronger for people and organizations in the European Union. The deadline for compliance was 25 May 2018, and because Clickatell processes personal data of data subjects within the EU (on behalf of our Controllers), the regulation applies to our organization.

Below is a set of questions and answers that outline our current position and commitment. If you have any questions about your personal data, or how we protect it, please contact us via email: dataprotection@clickatell.com

1 Why is complying with GDPR important?

We believe that it’s important to comply with GDPR (and other relevant data protection laws) because they prevent people from suffering harm.

People may:

  • lose money in a phishing attack;
  • become victims of identity fraud;
  • have their privacy infringed;
  • suffer prejudice; or
  • other harm.

if those who control their personal data fail to protect it or process it unlawfully.
We take the protection of your personal data very seriously and have positioned ourselves to comply with GDPR.

2 What approach did Clickatell take to comply with GDPR?

Complying with GDPR isn’t easy, but we’ve invested significant time and resources into our compliance project.

We planned our compliance efforts carefully by:

  • consulting with data protection professionals;
  • educating our staff and contractors through face-to-face workshops and online training; and
  • identifying actions to comply with GDPR.

3 What has Clickatell done to comply with GDPR?

Clickatell has taken numerous steps to comply with GDPR, including:

  • reviewing our privacy policy;
  • entering into data processing agreements with our customers and suppliers; and
  • updating our data security on our equipment, infrastructure, and systems.

4 Where is Clickatell’s data infrastructure hosted?

In April 2018, Clickatell moved its data infrastructure to Amazon Web Services (AWS) in Ireland.
Data (including personal data) gathered by Clickatell is hosted and processed on the AWS Network.
AWS maintains an information security program that is certified under ISO 27001. ISO 27001 is the international best practice standard for information security. AWS also makes provision for GDPR compliance.