Fiix is always committed to keeping your data and personal information safe. With the General Data Protection Regulation updates coming up on May 25, our priority is helping our customers comply with the legislature.
What is GDPR?
The General Data Protection Regulation, or GDPR, replaces the European Data Protection Directive. It is a European regulation on data protection and privacy for all individuals within the EU, and also addresses the export of personal data outside the EU. At its core, GDPR ensures the right to data protection for all EU citizens by giving end users more control over how their personal data is consumed, stored and shared by organizations both within and outside of the EU.
It enforces regulations on organizations to enable end users to give consent, revoke consent for use of their personal data, and ensure that their personal data is stored securely and can be removed on request.
How does this apply to Fiix, and you as a Fiix customer?
To properly understand how GDPR applies to you and your Fiix CMMS, there are two key terms you have to know:
The data processor stores and processes personal data on behalf of the data controller, but doesn’t control it or have responsibility over it.
The data controller is the person or company that controls and is responsible for collecting, keeping and using personal information stored in a system.
In this equation, Fiix is only the data processor. As a Fiix customer, you are the data controller and ultimately responsible for managing your end user’s data. But not to worry, we’re going to help make this process as easy as possible!
What information does Fiix process?
Fiix CMMS may collect personal data, which could include the following:
- Full Name
- Email address
- Phone number
- Pay rate
- Business-related files or images
- Other non-personal / system related inputs
Fiix does not collect sensitive personal data and we will never share any personal information with any 3rd party outside our organization and secure data centres.
How can you prepare for GDPR?
As a Fiix customer, your role is the data controller. We recommend that you connect with your Fiix account manager for more information on how Fiix collects personal data, and review any data processing activities that might be impacted by GDPR.
Once you identify the activities that you’re responsible for (as opposed to any activities managed by Fiix or other data processors) make sure your organization is in compliance with GDPR.
What is Fiix doing to address GDPR?
Fiix is committed to supporting our customers to help accept content, manage, and remove the personal data of customers from the production environment.
- End users are notified in the signup invitation email that continuing with signup provides consent for data controller to use personal data, as above, for the purpose of CMMS operations.
- Fiix provides the ability for an end-user to update/edit personal information required in the Fiix CMMS.
- Fiix provides the ability for CMMS administrator to update personal information for any individual
- Fiix uses customer data only for maintenance management requirements within a specific organization, or in aggregate across tenants for the purpose of understanding non-personalized utilization, system impacts, etc.