GDPR Compliance

Our commitment to GDPR and information security standards.
Contact us

The GDPR (General Data Protection Regulation) is an EU Regulation that replaced the 1995 EU Data Protection Directive (DPD) to significantly enhance the protection of the personal data of EU citizens and increase the obligations on organizations who collect or process personal data. It came into force on May 25, 2018. The regulation builds on many of the 1995 Directive’s requirements for data privacy and security but includes several new provisions to bolster the rights of data subjects and add harsher penalties for violations.

 

Our commitment

Barium has always made information security and customer privacy a top priority - and our conformance to the ISO-27001 certification since 2013 made us well prepared for the GDPR regulation. We have incorporated the GDPR regulation in our ISO 27001 routine to ensure compliance and continuous improvements (and of course we use our Barium-platform that is ideally suited to give an organization the tools, processes, and applications to become GDPR compliant)  Read more about our capabilities here.

Product

We also want to help you meet your obligations under the GDPR regulation to the extent that you use Barium to collect and store personal data. Therefore we have ensured that both we and our product are compliant with the GDPR.

Our Legal Documentation

Our legal documentation (namely our Customer Terms of Service, our Data Processing Agreement, and our Privacy Policy) has been updated and include the mandatory Processor provisions required by Article 28 of the GDPR. You can find all our legal documentation here

Decisions and routines on your side

Barium delivers a robust and multifaceted platform, enabling customers to create applications for several use cases and also process a different kind of information. Therefore it will be vital for you to decide what type of information you allow to store and process in the Barium platform (Barium Live) related to your internal policies.

  • Decide what information to store, how long to keep it, and if possible make it anonymous. 

Frequently asked questions

Where do Barium store its data?

Barium store all of its data in professional hosting sites within Sweden.

What personal data is stored by Barium?

By default, we only store name and email for our registered users and customers. However, many Barium applications can be used to process personal data. Moreover, for this, a client-specific routine need to be set up with the help and guidance from us. 

What legal right does Barium have to collect and process personal data?

Barium needs to collect and process name and email to deliver the service. Processing is necessary for the performance of the contract to which the data subject is a party. This is the reason why Barium does not base our processing on consent. However, our clients can (if they want) base their collection and processing of personal data in the platform on consent. Our platform is well fit for this.

 

How long do Barium keep personal data about our clients?

We keep personal data about our clients as long as we have an active business relation regulated in an agreement, or as long as we intend to create a business relationship that is regulated in an agreement.

 

How long do Barium process personal data our clients decide to store in our platform.

Customers can build almost any application within the Barium platform. They can fill these applications with any type of data. Our clients are in total control of their own data, including how long to store and process the data in our platform. By now, data need to be deleted manually, or by using our automatic functions. This will need to be set up together with a Barium consultant designed to your specific needs.

Also, note that all data will be stored 30 days extra after deletion in our backups before the data is deleted beyond restoration. This can be good to take into consideration when communicating with registered individuals before they consent to any processing.

 

Does the Barium Licence Agreement comply with GDPR regulations?

It is very well aligned. You can read all about our Terms & Conditions here 

Where can I find more information?

We do have a comprehensive white paper on our GDPR efforts. Just get in touch with us, and we can send it over.

Do you have any questions?

Fill out the form and let us contact you!