GDPR - FAQ
- What is GDPR?ECL2.0, GDPR
The General Data Protection Regulation (GDPR) is a new personal data protection law which takes effect on May 25, 2018. For more information on the GDPR, please see the website below.
European Commission: Reform of EU data protection rules
- What actions are NTT Communications taking for GDPR?ECL2.0, GDPR
- What actions are NTT Communications taking to protect customer’s personal data?ECL2.0, GDPR
We have implemented physical and organizational security measures per region and have certifications such as ISO 27001, SOC 1and PCIDSS.
For more information about our cloud security, please see item 2.
We will maintain these certifications (https://ecl.ntt.com/en/certificate/ ) and develop training our personnel to keep your personal data protected.
- What should be done if EU personal data is transferred outside EU using ECL service?ECL2.0, GDPR
In case any transfer of EU personal data outside EU happens between NTT Communications affiliates companies, we will address by signing the Model Contracts (http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm).
- What actions are NTT Communications taking regarding the personal data stored in ECL service?ECL2.0, GDPR
When using ECL, customers have the responsibility to review if EU personal data is included in the data it uploads and stores in ECL (“ECL Stored Data”). We are not able to check or review the content of ECL Stored Data. We will not access ECL Stored Data unless explicitly instructed to do so by customer or, to comply with a legally valid and binding order. (Except for the deleting the ECL Stored Data when the contract is terminated.)