The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
This affects all services within EU and also Eliademy. Here is our statement of compliance with the upcoming change. As this law is new and interpretations may vary, we in good faith and to the extent of what we understand, we have the following view:
- Personal data
Personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.
Eliademy stores personal data but very limited to Photo, Name and temporarily IP of a computer. Courses created could be the Intellectual Property of an organization for whom the employee works and might have a separate agreement on the subject.
All data are stored in Helsinki, with additional servers in Germany and France and we do not send voluntarily any data to outside EU countries.
- Decisions based on algorithms
Eliademy does not make any algorithmic decisions related to a person or a course. Once we deploy Artificial Intelligence, Machine learning we will inform what are the decision points to the public so everybody is aware
All Eliademy users are informed upon login about Cookies and another tracking technologies and by login in, they accept our Terms of Service. We do not advertise the platform to kids under the age 14 and we forbid the usage by underage kids as described in our Terms of Service
- Data protection officer
Is our CTO and can be reached at cto at eliademy dot com
- Pseudonymisation of personal data
We are relying on obfuscation methods that our open source code supports. We are investigating the need for additional obfuscation and if we see that we will need an additional layer of security we will automatically apply a new one.
- Data Breaches
From 2013 to now, Eliademy never had a security breach and we do not intend of having one. However, in the case that our service will be compromised then we will follow the regulation and report asap the incident to the local authority
- Right to be forgotten
From day one, Eliademy is applying the rule that all data are erased upon a request of a user. All users can delete all their records by sending an email to support at eliademy dot com
- Data portability
We offer, as paid service, the movement of Personal data and Course data if requested. The content would be exported in Moodle format and costs 100 euros per working hour for data to be moved.
We congratulate EU for taking a stand on the Privacy of Personal data, we are also internet users as well. We will update our policy and compliance note as more interpretations are available. For the time being, we believe that we comply with the regulation from our day 1, February 2012.
We believe Eliademy was one of the first LMS platforms to have a liberal Terms of Service by giving the opportunity to be forgotten, by protecting the data without a breach and by having an option to migrate Course data to another compatible platform.
In case of further concerns, you can always ask support at eliademy dot com for more clarifications. If you are business, we even have multiple courses that you can take on the subject, for free.