Logo preload
closeLogo
Fulcrum on X

What the GDPR means for Fulcrum and its users

May 3, 2018

As more security breaches and data thefts by hackers come to light, consumers are demanding increased transparency and responsiveness from companies that process or store their data. In response, the European Parliament approved the General Data Protection Regulation (GDPR) to protect EU citizens and residents from privacy and data breaches.

As it affects Spatial Networks and Fulcrum users, we thought it might be useful to explain what the GDPR is and what we are doing to comply with the new rules.

About the GDPR

The GDPR replaces the outdated EU’s Data Protection Directive, which went into effect in 1995 — long before the internet was the business ecosystem that it is today. It standardizes data protection law across the EU and imposes new, stricter rules on how personally identifiable information (PII) is processed and stored.

The new rules take a broad view of what is considered PII. This includes:

  • Basic identity information such as name, address and ID numbers
  • Web data such as location, IP address, cookie data and RFID tags
  • Health and genetic data
  • Biometric data
  • Racial or ethnic data
  • Political opinions
  • Sexual orientation

Under the GDPR, companies’ requests for consent must use clear and plain language — they can no longer use terms and conditions full of legalese or other unintelligible verbiage — and it must be as easy for customers to withdraw consent as it is to give it.

Organizations will also be required to institute a breach-detection plan, regularly evaluate the effectiveness of security practices, and document evidence of compliance. They must also notify their customers “without undue delay” as soon as they become aware of a data breach. Failure to comply with the new rules may result in heavy fines.

The GDPR applies to all companies that process the personal data of EU citizens, regardless of that company’s location. According to a PwC survey, 77% of U.S.-based companies expect to spend more than $1 million meeting GDPR requirements.

The GDPR was approved in April of 2016, but organizations were given until May 25, 2018, to comply.

Fulcrum updates for GDPR compliance

Ahead of that deadline, we are introducing several changes:

  • We have updated our Privacy Policy and Terms of Service to better explain our relationship with our customers. Under GDPR, Spatial Networks is considered a “Processor” for our Fulcrum customers. The updated Privacy Policy outlines our role in helping our customers meet their GDPR responsibilities. Our GDPR Readiness Statement provides additional information on Fulcrum’s compliance with the requirements of the GDPR.
  • We’ve also reorganized our Terms of Service to include language covering Fulcrum Community as well as Fulcrum’s standard subscription service. This means that all Fulcrum users are covered by the same Terms of Service, regardless of how they are onboarded into the system.

We encourage you to take a look at our Terms of Service, our GDPR document, and our Privacy Policy for full details.

If you own your Fulcrum account, you can log in and accept the updated Terms of Service and Privacy Policy. If you do not own the account, contact the account owner to ensure they accept the updated documents. Continued use of Fulcrum after May 25, 2018, will show your acceptance of the updated policies.

We believe these changes will make things easier for our customers and demonstrate our commitment to protecting personal information.

If you have any questions, please contact us and we’ll be happy to help!