Reach new heights with Magento 2

GDPR compliance

The European Union General Data Protection Regulation (GDPR) is a data privacy regulation that applies to all companies processing and holding the personal data of data subjects residing in the European Union. This article describes the GDPR compliance status of outer/edge.

If your company needs to ensure it is GDPR compliant, it also needs to ensure its providers are also GDPR compliant. outer/edge is GDPR compliant and strictly enforces the regulations to protect the user data we store.

Awareness

All employees of outer/edge are fully aware of the GDPR requirements and the need to protect personal data. Where possible, code reviews are carried out by the Data Protection Officer to ensure continual compliance.

Information we hold

outer/edge stores data on two kinds of parties:

  • Our customers (i.e. the customers who communicate directly with us)
  • Our customers' end-users (i.e. the customers of our customers)

outer/edge does not share or resell any kind of customer data. We do not store, control or process any "sensitive personal data" (as defined by the GDPR)

Information held on our customers

TBC

Information held on our customers' end-users

TBC

Communicating privacy information

Our privacy terms are clearly communicated in our privacy policy.

Our customers end-users privacy terms are the sole responsibility of the customer. They should be announced on the customers website.

Individuals' rights

Your rights relating to GDPR are enforced and include the below:

  • Right to be informed: we clearly inform our customers about the data we collect and how we will use that data
  • Right of access: you can contact us to obtain access to your personal data that we store
  • Right of rectification: simply contact us and we'll update our records
  • Right of erasure: you can also contact us at any time and we'll handle your erasure queries
  • Right to restrict processing: we don't process the data of our customers (or our customers end-users)
  • Right to data portability: our users may contact us anytime if they would like an export of their data
  • Right to object: we handle all requests on this matter from our customers and their' end-users
  • Right not to be subject to automated decision-making including profiling: we don't do that (and never will)

Subject access requests

outer/edge will reply to all access requests within one month, there is no charge for our customers.

Children

We do not offer services to children under the age of 16.

Data Protection by Design and Data Protection Impact Assessments

Whenever outer/edge develops a new system, security and the protection of your data comes first when designing the architecture of our systems.

Data Protection Officers

Our Data Protection Officer is David Windell, he can be reached via:

  • Email: dataprotection@outeredgeuk.com
  • Phone: +44 (0)333 344 0520
  • Address: Martins Barn, Birdham Road, CHICHESTER, PO20 7BX, UK

International

outer/edge is located in the UK and, thus, our supervisory authority is based in the UK.

outer/edge is a trading style of OuterEdge UK Ltd, a company registered in England & Wales.