How you and your customers will have more control over your data
The General Data Protection Regulation, GDPR, is Europe’s way of strengthening and unifying data protection for all individuals within the European Union. Here at Award Force, we want to offer consistent protection to citizens globally, which is why we have been working hard to ensure that every Award Force client has access to a transparent system that encourages all users to trust your program and to help you comply with the world's most stringent data protection laws yet.
While the GDPR imposes requirements on organisations that may be stressful to fulfil, it’s also an exceptional law that Award Force fully supports. We should all be concerned with companies farming our data, using it for nefarious purposes and spamming us endlessly. This is an important step in the maturation of our digitally connected world.
The following are steps we are taking to ensure compliance and keep your team, your judges and your entrants’ data safe:
Right to be forgotten
You will need to be able to permanently delete participant data (your judges/assessors + entrants/submitters) to comply with data protection and privacy regulations. Award Force will be ready with all the features to enable you to meet your obligations under the GDPR and delete data on request.
Under GDPR, your program participants in the EU have the right to see all the of the data you hold about them, and that this data be in format that can taken elsewhere. We’re building a feature to make this easy for you— so that you can download a package of an individual user’s data to provide them, with minimal effort.
We’ve made the carefully considered decision to move the Award Force application, data storage and processing to data centres within the EU. Previously, your data was stored and processed within Australia. By moving platform data to the EU we can better protect you and your participant data under the most robust privacy laws to-date.
We are working hard on a new feature to ensure that you are able to respect your participant wishes when they request only specific forms of contact through your Award Force platform. We will ensure you are well informed of it’s capabilities before GDPR arrives.
Award Force has always had an exceptional focus on security and nothing will change our stance here. We are now fully compliant with PCI-DSS and finalising our ISO 27001 accreditation. More data protection features include:
- You have the opportunity to apply additional protections to specific fields containing personal data or sensitive data
- Our infrastructure comes with replication, backup, and DR planning by default
- Our technology stack leverages encryption in transit, encryption at rest, and advanced threat detection
- Our application services implement identity, authentication, and user permissions
- Our server security is top class, we manage our own secure Virtual Private Cloud (VPC), our application and data is never in a shared hosting environment, and can only be accessed by authorised users via SSH key-based authentication.
For more information on security, visit our security webpage here
The GDPR is a really positive step for the protection of individuals’ personal data. Award Force fully supports and is committed to meeting and surpassing GDPR requirements and will continue to champion the rights of individuals to ensure the protection of their personal data. I would like to encourage our non-EU clients to consider embracing the GDPR too."
Founder and Managing Director of Award Force - Richard de Nys