Freshworks ensures conformance to global regulations and industry practices in order to maintain privacy and security of its customer’s data. All our products provide GDPR-ready capabilities to help our customers meet their compliance obligations. Freshworks extends these capabilities not only to customers in the EU, but to all our customers worldwide.
To strengthen an individual's rights to privacy, the European Union brought about the General Data Protection Regulation or GDPR, fortifying existing directives on data protection. The Regulation issued by the European Union applies to businesses processing personal data of European residents, and has been in force since 25th May 2018.
Ensure fair and transparent processing of customer data
Incorporate security by design in products, to protect personal data
Streamline processes to help customers meet compliance obligations
Committed to protecting our customers personal data, Freshworks is here to help our customers understand significance of the GDPR, its requirements and our allegiance to align with global standards.
The GDPR encourages businesses to be responsible about an individual’s data. By ensuring protection and privacy of this data, businesses earn customer trust and they are likely to engage better with the business. GDPR provides a framework for businesses to standardize and regularize real-world security and privacy needs of an individual's data used for business purposes. The key principles which the GDPR requires businesses to operate on are:
The GDPR applies to organisations located within the EU and also organisations located outside the EU. It applies to all companies processing personal data of individuals residing in the European Union, regardless of where the company is located.
The regulation has been in effect since May 2018, after a two-year transition period.
The DPO is responsible for informing employees of their compliance obligations as well as conducting monitoring, training, and audits required by the GDPR. A DPO needs to be appointed if you:
All Freshworks products and services are compliant, and to help our customers meet their compliance obligations our products have released new features. Read more on GDPR-readiness features on Freshdesk, and click here for more helpful resources on the Freshworks product suite. These product capabilities are not restricted to the EU, but available to all our customers worldwide.
No, the GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on transfer of personal data outside the EU. Data transfers from the EU to outside can be legitimized in many ways including,
Meeting compliance requires investments in time, effort, cost and expertise. The solution lies in being part of cloud or SaaS ecosystem, that is already operating on a secure model for data management. This provides a safe environment to manage and process your data, and accommodate efforts required to keep pace with changing policies. This way you can focus on the success goals of your business and not worry about infrastructure and security requirements to meet compliance.
GDPR requires fairness, transparency, accuracy, security, minimisation and respect for rights of the individual whose data businesses want to process. The GDPR helps restore consumer trust by governing rules of data protection and rights across the EU. This helps gain customer trust, and they are likely to engage better with the business. Apart from this businesses can capitalize on opportunities through:
Consent is one way, but it’s not the only way to process data. The GDPR provides other ways of processing data:
Individuals have the right to have their personal data deleted, in the event that it is no longer needed.
Data protection by design means, ensuring only that personal data which is required is collected, and also incorporate privacy features and functionality into products and services from the time they are first designed.
Data protection by default means, businesses must implement appropriate measures to mitigate privacy risks at the time of collection of the data, as well us by extending it at the time of processing it.