Envoy and GDPR: How we support your GDPR compliance efforts

Here we explain the foundations of GDPR, how visitor management solutions play a part, and whether or not Envoy is GDPR compliant.
Sep 3, 2019
Envoy and GDPR: How we support your GDPR compliance efforts

The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation fundamentally reshapes the way in which data is handled across every industry. Workplace visitor management solutions are a key component in ensuring that your business maintains GDPR compliance.

GDPR was enforced in May of 2018, with the goal to provide stronger privacy protections to consumers. Though the regulation was created by the European Parliament and Council of the European Union, it is written to cover a global reach. If your company offers goods or services to EU citizens, then GDPR applies to you.

Although it can be tempting to continue operating as usual, violating GDPR regulations can have serious consequences. For especially severe violations, the fine framework can be up to 20 million euros or up to 4 % of your total global turnover—whichever is greater.

The good news is that compliance with GDPR can be relatively straightforward. Though we cannot offer legal advice to your business, we do want to explain the foundations of GDPR, how visitor management solutions play a part, and whether or not Envoy is GDPR compliant.

A new definition of personally identifiable information

Before we continue, let’s discuss the core of GDPR, which is how it defines personally identifiable information (PII). Names, addresses, phone numbers, employer information, and the like are all examples of PII. 

Under GDPR, the scope of PII is broadened further. For example, if your company logs IP addresses of website visitors, then GDPR applies to you, even if you don’t ask visitors for their names. Additionally, GDPR has provisions that state biometric data also is PII.

Under GDPR, even collecting the slightest amount of information, such as a website domain or workplace visitor’s first name applies.

The stakeholders of GDPR

Within the GDPR text, there are three key stakeholders involved with the law:

  • Data subjects: These are the individuals that you capture information from. This includes guests in your workplace that enter their information into your visitor management system.
  • Data controllers: Companies that collect and own PII are considered data controllers. This includes organizations that utilize visitor management tools.
  • Data processors: Entities that process PII to perform tasks are considered data processors. This includes companies like Envoy that supply visitor management solutions.

How Envoy Visitors simplifies GDPR compliance

Because you’re collecting personal data for your company’s use, Envoy customers are considered data controllers. Envoy Visitors can help support your GDPR compliance efforts in the following ways:

  • Keep visitor data private by having visitors sign in on an iPad, not an exposed logbook
  • Allow visitors to opt-out of providing their personal information
  • Create a custom privacy policy document in Envoy and let guests view it directly on the iPad
  • Request the anonymization of your visitor data when deemed necessary

Is Envoy GDPR compliant?

Yes, Envoy services comply with the GDPR, along with other crucial compliance and regulation needs. According to the regulation, there are different roles for companies based on how a company interacts with user data. Envoy is considered a data processor because we process personal data on behalf of our customers, who are considered data controllers.

As a data processor, we have prepared for GDPR by:

  • Updating our privacy policy to clearly surface how we process customers’ data
  • Confirming the vendors we use also adhere to GDPR
  • Developing an internal process that allows our customers to request the anonymization of their data
  • Publishing a Data Processing Addendum that help our customers comply with GDPR contractual obligations 

We’ve worked with customers in a variety of highly regulated industries, such as LightEdge (data center), AMAG (pharmaceutical) and Planet Labs (government), which means we take your complex compliance needs seriously. If you have questions, please contact security@envoy.com.

Heading

What’s a Rich Text element?

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

Static and dynamic content editing

Static and dynamic content editing

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Button TextButton Text
AUTHOR BIO
Writer

This post was written by one of the many writers at Envoy who are passionate about helping educate and inspire workplace leaders. We cover everything from the visitor and employee experience, to space and delivery management, to the workplace tech-stack that keeps it all running.

Read more

Security is critical for the future of your business. Learn how different types of security are important in the workplace and why you need them.

Learn how to choose a visitor management solution that’s right for you, including the best features to look out for.

A quality workplace has the power to make your organization thrive, if it's managed well. In this post, explore why workplace management is so important and how to get it right for you.

In this post, we’ll explore what workplace compliance is and how to build a compliance culture for your organization.

Managing your space well doesn’t have to be difficult. But to be successful you need the right processes and tools.

With more folks sending personal packages to the workplace, having a sound mailroom management system in place is key.

Demo
Contact