ONE and GDPR compliance

GDPR: what is it?

The General Data Protection Regulation (GDPR) is the main European law on personal data protection. It represents a shift in the regulations that apply to all companies that have data on European citizens. It entered into effect on May 25, 2018.

How has Open Digital Education, the software publisher of ONE, met GDPR requirements?

Open Digital Education has always been very involved in ensuring the safety and confidentiality of your personal data. Since day one, ONE has complied with the Virtual Learning Environment Strategic Plan (SDET), which establishes a framework of mutual trust (on a functional, technical, and legal level) and with the RU-0003 CNIL single regulatory act created by the French decree of November 30, 2006 and modified by the French decree of October 13, 2017, which governs the processing of personal data.

As part of the GDPR, Open Digital Education collects personal data and must therefore comply with the regulation.

Open Digital Education is GDPR compliant

A few important points to keep in mind:

o The personal data contained in ONE consists of the information you entered when you created an account or information you added to your profile.
o Open Digital Education hosts this personal data but does not use this information in any way.
o We do not sell or lease any of your personal data. We collect and process this information in compliance with the law and especially the GDPR.
o In accordance with the SDET, data are automatically and permanently deleted 90 days after an account is closed.
o Your data are hosted in Roubaix, France in a secured data center. The data center is physically secured to prevent anyone from accessing the infrastructure where the data are stored and is staffed by personnel who oversee the security of the location around the clock in accordance with the requirements of data safety norms and certifications.
o With respect to our communications with you, you may revoke your consent to receive emails at any time by clicking on “Unsubscribe” located at the bottom of the message.

Open Digital Education has changed its organization to ensure these new requirements are being followed on a daily basis.

In order to assure you that we are and will remain GDPR compliant over the long term, we have instituted several changes to our organization:

o We appointed a Data Protection Officer in accordance with the GDPR. This person is in charge of maintaining the processing register, which keeps a record of every processing operation performed by our solutions using personal data and their compliance with the GDPR.
o Each member of the Open Digital Education team receives specific training on the use of data and the sensitive nature of this work.
o Our help department has expanded its scope to include handling requests related to personal data management.