PubNub Product Updates

We’re GDPR Compliant!

2 min read Michael Carroll on Jan 22, 2018
Try PubNub Today

Free up to 1MM monthly messages. No credit card required.

Subscribe to our newsletter

By submitting this form, you are agreeing to our Terms and Conditions and Privacy Policy.

We’re excited to announce that we comply with the soon-to-be-enforced European General Data Protection Regulation (GDPR).

We’re excited to announce that we comply with the soon-to-be-enforced European General Data Protection Regulation (GDPR).

So, why are we sharing this with you?

If you provide software that engages European users, the GDPR regulations will require that you keep your European customers’ data protected, per the standards set in GDPR. Even if you don’t have an office or other presence in Europe, this still applies.

The GDPR will apply in all EU member states starting May 25, 2018. It was formalized on May 25, 2016, after all parts of the EU agreed to the final text. But the law will apply to all businesses and organizations on May 25, 2018.

All companies that transfer personal data with EU residents will need to comply with the GDPR. The regulations outline “Controllers” and “processors” of data. A data controller states how and why personal data is processed, while a processor is the party doing the actual processing of the data. Even if controllers and processors are based outside the EU, the GDPR will still apply to them so long as they’re dealing with personal data belonging to EU residents.

PubNub has put in place processes and procedures to comply with the various provisions of GDPR – data protection addendum, data deletion, data retention, and Pseudonymation/ anonymization. In addition, PubNub has appointed a Data Protection Officer and Article 27 representative, and has incorporated GDPR principles in our product development planning. And we will work with our customers to complete a Data Protection Impact Assessment policy.

To ensure you are GDPR compliant, use PubNub for your real-time applications, and also take these additional steps:

  • Create a Data Map: Document the personal data you hold, where it came from, who you share it with and what you do with it.
  • Enable Withdrawal of Consent: Users must be able to withdraw consent from companies processing their personal data.

Note that more regulations are still forthcoming. See more compliance details here.

More from PubNub

NPP and HIPAA: Notice of Privacy Practices Definition
Healthcare CategoryJan 6, 20235 min read

NPP and HIPAA: Notice of Privacy Practices Definition

A Notice of Privacy Practices (NPP) is one of the requirements of HIPAA and helps patients understand their personal data rights.

Michael Carroll

Michael Carroll

HIPAA Violation Examples
Healthcare CategoryJan 5, 20236 min read

HIPAA Violation Examples

HIPAA violations can be financially expensive and devastating to a brand. Examine some examples of HIPAA violations, and learn...

Michael Carroll

Michael Carroll

HIPAA Technical Safeguards: How To Protect Sensitive Data
Healthcare CategoryJan 5, 20236 min read

HIPAA Technical Safeguards: How To Protect Sensitive Data

HIPAA covered entities must follow the five technical safeguards to achieve HIPAA compliance and prevent data corruption.

Michael Carroll

Michael Carroll