What is GDPR?
The GDPR is a comprehensive data protection law that came into effect in the EU on May 25, 2018. It's designed to give individuals control over their personal data and to unify data protection regulations across Europe. GDPR is important because it:
- Enhances privacy rights: GDPR empowers individuals with more rights over their data. This includes rights to access, correct, delete, and restrict the processing of their data.
- Increases transparency: Organizations must be transparent about how they collect, use, and share personal data.
- Promotes accountability: Companies are held accountable for how they handle personal data, requiring them to implement effective data protection measures.
Our commitment to GDPR and your privacy
We align with GDPR not only because it is a legal requirement but because it resonates with our values. Here's how we embody this commitment:
- Minimal data collection: We don’t ask you for personal information unless we truly need it
- Data retention: We don’t keep your personal information longer than is necessary to provide our services to you
- Data sharing: We don’t share your personal information with anyone except to comply with the law, provide our services, or protect our rights
- No data trading: We don’t rent, sell, or exchange your personal information
- User control and transparency: We aim to make it as simple as possible for you to control what’s visible to the public, seen by search engines, kept private, and permanently deleted
Data Privacy Framework
The seamless flow of personal data across borders is crucial for global commerce. The Data Privacy Framework (DPF) Program, encompassing the EU-U.S., UK Extension to the EU-U.S., and Swiss-U.S. Data Privacy Frameworks, serves as a cornerstone in ensuring such fluidity, compliant with the stringent privacy laws of the EU, UK, and Switzerland.
- EU-U.S. Data Privacy Framework (EU-U.S. DPF): Effective from July 10, 2023, the EU-U.S. DPF allows U.S. organizations to receive personal data from the European Union and European Economic Area. This follows the European Commission’s adequacy decision, aligning data transfer practices with EU law.
- UK Extension to the EU-U.S. DPF: Commencing October 12, 2023, this extension enables U.S. entities to lawfully receive personal data from the United Kingdom and Gibraltar. It functions under the UK's adequacy regulations, ensuring compliance with UK data protection standards.
- Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF): Effective from July 17, 2023, the framework awaits Switzerland's official adequacy recognition. It facilitates the transfer of Swiss personal data to U.S. organizations, adhering to Swiss privacy laws.
This rigorous framework ensures that organizations like Quizizz not only comply with international data protection laws but also reinforce their commitment to safeguarding user privacy across borders. You can check our status here.
Further information and support