Our Commitment to You and the Protection of Your Data
TalentLMS has an ethical, legal and professional duty to ensure the information it holds conforms to the principles of confidentiality, integrity, privacy and availability. In other words, the information that we are responsible for is safeguarded where necessary against inappropriate disclosure, is accurate, timely and attributable, and is available to those who should be able to access it. TalentLMS complies with standing national law and international regulation regarding privacy and security issues. We are currently running a GDPR compliance program internally so as to be fully compliant with GDPR when the new legislation comes into force (May 25, 2018).
Besides strengthening and standardizing user data privacy across the EU nations, GDPR imposes new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located. On this page, we’ll explain our methods and plans to achieve GDPR-compliance, both for ourselves and for our customers.
Preparing for the GDPR
The GDPR’s updated requirements are significant and our team is working to bring TalentLMS in line before May 25, 2018. Measures to achieve this include:
We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies and codes of conduct, and will adjust our plans accordingly. We’ll provide you with regular updates along the way by means of our newsletters or enhancements to this site, so that you’re always current.
Our Security Infrastructure
Protecting our customers’ information and their users’ privacy is extremely important to us. As a cloud-based company entrusted with some of our customers’ most valuable data, we’ve set high standards for security. Our cloud infrastructure utilizes Rackspace servers and AWS S3 storage, two industry leading cloud providers that are heavily certified in privacy and security. On top of that we have invested in building a robust privacy and security team, adhering to NIST recommendations and are in the process of enhancing our set of tools for detecting software vulnerabilities prior to production release, assessing our software and deployments, monitoring our infrastructure, protecting customer data, ensuring disaster recovery, business continuity and high availability. In accordance with GDPR requirements around security incident notifications, TalentLMS will continue to meet its obligations and offer contractual assurances.
International Data Transfers: Privacy Shield and Contractual Terms
To comply with E.U. data protection laws around international data transfer mechanisms, we already take part in the transatlantic PrivacyShield program that ensures that data from EU customers are properly handled when located on US servers. You may find our entry for TalentLMS here.
TalentLMS will never employ subprocessors that retain facilities or may perform processing in countries that are not contained in the list of countries for which the European Commission has explicitly affirmed on the adequacy of the protection of personal data.
Data Portability Solutions and Data Management Tools
We fully understand that TalentLMS customers need help from our side in order for them to comply with the GDPR. And we’re happy to say that over the next few months, we’ll be building those tools and features to enhance TalentLMS so as to be fully compliant with the GDPR regulation. Information about the features and functionalities of these enhancements will be shared with you as it becomes available.
Compliance-related controls will enhance the existing tools for data exports with the new features required by GDPR, also fulfilling the TalentLMS obligations regarding data subjects’ rights.
Fulfilling our privacy and data security commitments is important to us. So we’re glad to help you prepare for all the changes the GDPR brings. This page will be revised to reflect GDPR-related information as it becomes available. If you have any questions about how TalentLMS can help you with compliance, or you have any privacy-related concerns, please reach out by contacting us at: privacy (at) talentlms (dot) com.