At Fatster, we handle your personal data with extreme care. As you are sharing with us sensitive data, we make sure the highest security level is guaranteed.
In short at Fatster we are GDPR compliant (General Data Protection Regulation) and it is the highest standard of protection for personal data.
How GDPR defines personal data:
- Biographical information or current living situation, including dates of birth, Social Security numbers, phone numbers and email addresses.
- Looks, appearance and behavior, including eye color, weight and character traits.
- Workplace data and information about education, including salary, tax information and student numbers.
- Private and subjective data, including religion, political opinions and geo-tracking data.
- Health, sickness and genetics, including medical history, genetic data and information about sick leave.
There are 6 guiding principles of the GDPR:
- Lawfulness, Fairness & Transparency
- Legal Basis such as consent or legitimate interests for processing their data.
- Rights are upheld.
- Individuals are informed who is processing their data and the purpose of processing.
- Purpose Limitation
- Only process data for the purpose in which it was collected.
- Data Minimisation
- Only collect and process necessary data.
- That information about individuals is correct and up-to-date.
- Storage Limitation
- Only retain information for a period that is reasonable.
- Confidentiality & Integrity
- Data is secure at all times.
- All officials handling data are aware of their responsibilities.
What about Fatster?
Fatster collects personal data from the most sensitive group and as such, we took steps to secure the personal data that we hold. Organisations that fail to do this will face severe disciplinary action from data protection authorities.
- We have a strong security policy
- We plan and log all measures related to security
- All our partners to whom we send data are GDPR compliant
- Our staff followed a training about GDPR
The personal data that we collect are pseudonymised and encrypted.
- Pseudonymisation masks data by replacing identifying information with artificial identifiers.
- Encryption also obscures information by replacing identifiers with something else but whereas pseudonymisation allows anyone with access to the data to view part of the data set, encryption allows only approved users to access the full data set.
- We developed specific trainings for our employees by certified coach.
- Staff passed a GDPR exam and had at least 95% score.
You may want to contact our Data Protection Officer at firstname.lastname@example.org