Introduction

TIE Kinetix N.V. and its affiliates (TIE Kinetix) deliver SaaS Services and other IT Services, including embedded services of TIE Kinetix’ suppliers (hereinafter all referred to as SaaS Services), enabling businesses and governments to exchange, convert, and process business-related data.

While delivering SaaS Services, TIE Kinetix solely serves as the data processor and its customers and partners of customers as the data controller. TIE Kinetix does not access the content of the data. Therefore, the scope of the following roadmap is limited to TIE Kinetix as a processor.

Incidentally, in order to provide the SaaS Services, personal related data such as IP- or e-mail addresses and professional contact information will be processed.

TIE Kinetix has initiated an internal GDPR Compliance project in 2017, involving all TIE Kinetix disciplines and affiliates (including TIE Nederland BV,  TIE Kinetix DACH GmbH, Performance Analytics GmbH, TIE Kinetix SAS and TIE Commerce Inc).

In case of any question related to the TIE Kinetix GDPR Compliance project, please send an e-mail to privacy@TIEKinetix.com. Information is also available at www.TIEKinetix.com.

Approach

At the TIE Kinetix headquarters, a Security Officer (the Chief Technology Officer) and a Privacy Officer (the General Counsel)  is appointed to coordinate the GDPR Compliance project and to secure GDPR Compliance as from May 25, 2018.

To be able to comply with the GDPR regulations, TIE Kinetix has implemented organizational, administrative and technical controls. The TIE Kinetix GDPR compliance project has been executed based on the following principles and assumptions (status March 2018):

  • Promoting awareness of new legal obligations for all TIE Kinetix staff and contractors across the globe;
  • Overview/assessment of data processing has been executed;
  • Data protection impact assessment has been executed;
  • A security assessment has been executed;
  • SaaS Services and software will be created based on Privacy by design and by default;
  • Security Officer has been appointed;
  • Privacy Officer has been appointed;
  • A Privacy Policy has been implemented
  • A Data Breach Policy has been implemented;
  • All TIE Kinetix Staff and contractors are subject to the TIE Kinetix IT & Security Policy;
  • Consent of the individuals to store and process their personal data has been arranged;
  • Rights of individuals related to personal data are respected at all times (such as correction and deletion of personal data);
  • Contractual obligations are the legal basis for data storage and processing by TIE Kinetix;
  • The Dutch Privacy Authority is competent for all TIE Kinetix privacy issues in Europe.