General Data Protection Regulation (GDPR)
What is the GDPR?
The GDPR is the new European General Data Protection Regulation (GDPR). The GDPR adapts the previous Data Protection Directive (as of 1995) to the digital age by modernizing and updating it. How must personal data be handled today? The requirements are laid down in the GDPR. The GDPR will enter into force on May 25. It applies uniformly throughout the EU.
What is personal data?
Personal data is information about a user, which enables, for example, conclusions to be made as to who the user is. Personal data includes information such as name, date of birth, email addresses, social security numbers, bank data, and online data. Physical characteristics such as gender or dress size may also be processed. How personal data must be handled is regulated by the GDPR.
What does GDPR mean?
In Germany, the English term “General Data Protection Regulation” (GDPR for short) is often used instead of the German term “Datenschutzgrundverordnung” (DSGVO).
Who is affected by the GDPR?
The GDPR affects all companies that have a branch in the EU and/or process data of EU citizens. This includes bexio as well because customers in the EU work with bexio.
Why does the GDPR also affect Swiss companies?
If a Swiss company also has a registered office in the European Union (EU) or — which happens much more often — if a company processes personal data of EU citizens, then the GDPR also affects this company.
What advantages does the GDPR offer users?
The new regulation gives users more control over their personal data. The GDPR contains principles and rights for users with regard to how their information such as names, birth dates, email addresses, social security numbers, bank data, online data as well as physical characteristics such as gender or dress size may be processed.
What does the GDPR mean for the companies?
The GDPR makes companies more responsible and requires more detailed documentation on how personal data is processed.
Is bexio GDPR compliant?
Yes. When the new European General Data Protection Regulation (GDPR) comes into force, we as a provider will fully meet the legal requirements.
What is an Order Processing Contract (OPC)?
The Order Processing Contract specifies the framework conditions under which personal data may be outsourced and transferred to third parties — in this case bexio — for processing on behalf of your company.
Do I need an Order Processing Contract (OPC, formerly: CDP)?
If you as a company have a registered office in the European Union (EU) or process personal data of EU citizens, then the GDPR also affects you. You must then also conclude an Order Processing Contract (OPC) with bexio in order to comply with data protection law. To make it easier for you, we have integrated the OPC as an appendix to our GT&Cs.
Questions about privacy?
If you have any questions regarding privacy, please email our data protection officer directly at firstname.lastname@example.org.