Recollective and Privacy Laws (GDPR)

Complying with an expanding set of global privacy and IT security obligations such as GDPR can be daunting. Learn how Recollective helps researchers.

Recollective actively supports its customers’ compliance with Canadian and European data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”), which replaced the EU Data Protection Directive (also known as “Directive 95/46/EC“) and became enforceable on May 25, 2018.

If an organization collects, transmits, hosts or analyzes personal data of EU citizens, GDPRrequires the organization (you) to use third-party data processors (Recollective) who guarantee their ability to implement the technical and organizational requirements of the GDPR. That is done using a Data Processing Agreement (“DPA”).

Recollective's DPA governs the relationship between your organization and Recollective (acting as a data processor). The DPA facilitates your compliance with obligations under EU data protection law but it's important to note that you're still responsible for using those tools to ensure your own compliance. That includes:

  • Responding to requests from data subjects to correct, amend or delete personal data
  • Obtaining proper consent and ensuring data is removed once processing is complete
  • Reporting personal data breaches to relevant supervisory authorities and data subjects in accordance with GDPR timeframes
  • Demonstrating compliance with the GDPR as pertaining to Recollective's Services.

Further information is also provided in the video below.

Ready to get started?