General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)
Compliance at Meritto

Meritto remains committed to helping our customers comply with the General Data Protection Regulation (GDPR) through our robust privacy and security protections. Enacted on May 25, 2018, the GDPR privacy law expands the privacy rights of European Union (EU) individuals and places new obligations on all organizations that market, track, or handle EU personal data.

Meritto’s GDPR Principles and Practices

At Meritto, we align with GDPR by:

  • Adhering to Data Protection Principles: We ensure that personal data is processed lawfully, transparently, and for specific purposes.
  • Empowering Data Subjects: We recognize and facilitate the rights of individuals regarding their personal data, including access, rectification, and the right to be forgotten.
  • Ensuring Operational Security: Our operational security measures are designed to protect data integrity and prevent unauthorized access. Know More
  • Upholding Data Security and Privacy: Our strategies are focused on maintaining data security, confidentiality, and integrity. Know More
  • Maintaining Organizational Security: Internal security practices, including employee training and physical safeguards, are a priority. Know More
  • Encryption and Pseudonymization: We utilize advanced techniques like encryption and pseudonymization to enhance data security.
  • Accountability and Transparency: As a Data Processor, Meritto is committed to demonstrating compliance with GDPR, including maintaining processing records and conducting impact assessments.
  • Continuous Training and Awareness: Our team undergoes regular GDPR training, ensuring everyone is aware of their responsibilities towards data protection.

Our Commitment to Data Protection

Meritto’s approach to GDPR compliance reflects our overarching commitment to data privacy and security. We recognize the importance of these regulations in the era of digital transformation and are dedicated to upholding the highest standards of data stewardship. By choosing Meritto, you’re not just choosing an educational platform; you’re partnering with a leader in data protection and privacy.

Learn More About Our GDPR Compliance

What is GDPR anyway?

The General Data Protection Regulation (GDPR) represents a significant stride in data protection and privacy, enacted by the European Union (EU). Since May 25, 2018, GDPR has been the cornerstone of digital privacy, impacting how organizations worldwide collect, use, and manage personal data. It replaces disparate national data protection laws with a unified regulation enforceable across the EU.

GDPR is not just a legal requirement but a commitment to data stewardship, respecting and protecting the personal data of individuals. This regulation governs the processing of personal data, which includes collection, storage, transfer, and usage, particularly concerning EU individuals. It broadly defines personal data and places substantial responsibilities on organizations, irrespective of their physical presence in the EU.

Who Needs to Comply with GDPR?

GDPR compliance is mandatory for:

  • Organizations based in or having a presence within any EU nation.
  • Non-EU entities that process the personal data of EU citizens, offering goods or services, whether paid or free.

Key Terms in GDPR

  • Data: Any information collected, stored, and processed.
  • Personal Data: Information relating to an identifiable individual, like names and Social Security numbers.
  • Data Subject: The individual identified or identifiable via personal data.
  • Data Controller: Entity determining the purpose and means of personal data processing.
  • Data Processor: Third-party entities processing data on behalf of a Data Controller.

How prepared are we for GDPR?

We have acted on many fronts to adhere to GDPR.

  • We have raised awareness across the organization through frequent discussions, and trained employees to handle data appropriately.
  • We have assessed Meritto against all requirements of the GDPR and have implemented new features that will give our customers more control over their data.
  • We have assessed all third party service providers and streamlined the contract process with them to ensure that they have addressed the pressing needs of the current security and privacy world.
  • We have improved our data security methods and processes. This includes encrypting data at rest, based on the level of sensitivity and likelihood of risks. We have developed in-house tools for better governance and discovery of data.

At Meritto, your trust is our priority. We ensure that every step we take in our educational journey is compliant with GDPR, safeguarding the data and privacy of our users.