GDPR Data Privacy

Nacelle utilizes enterprise-grade best practices to protect our customers' personal identifiable information, and leverages an automated platform to verify its security, privacy, and GDPR compliance controls and requirements. 

This rigorous, independent assessment of our compliance serves as validation of our dedication and adherence to the highest standards for personally identifiable information. 

What is GDPR? 

The General Data Protection Regulation (GDPR) (Regulation [EU] 2016/679) is a regulation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union (EU). It forces stricter responsibilities on organizations to prove that they have adequate processes in place to manage and protect personal data. 

The EU defines "Personal Data" as "any information relating to an individual, whether it relates to his or her private, professional, or public life. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer's IP address." These obligations pertain to any organization that handles data about EU citizens - whether that organization is in the EU or not. 

What you should know about GDPR:

  • GDPR introduces a common data breach notification requirement– within 72 hours 
  • It’s a regulation and not a directive! This means that it does not require any enabling legislation to be passed by national governments
  • It applies to all organizations operating within the EU 
  • It introduces mandatory Data Protection or Privacy Impact Assessments (DPIAs) 
  • There is a liability for all organizations that touch any personal data 
  • It requires privacy implemented in systems and processes by design 


Continuous GDPR control monitoring 

Nacelle uses an automation platform to continuously monitor compliance controls across the organization. Automated alerts and evidence collection allow Nacelle to confidently prove its commitment to protecting your personally identifiable information any day of the year while fostering a security-first mindset and culture of compliance across the organization.

Nacelle views compliance monitoring as the foundation upon which our products are built and upon which trust with our customers is earned and maintained. 

We welcome all customers and prospects who are interested in discussing our commitment to security and reviewing our GDPR compliance reports to contact us.