Apex Privacy has clients all around the world. Therefore, we are always on top of all legislation regarding Data Privacy. The current major ones are GDPR (EU), CCPA (California – USA), LGPD (Brazil), PIPEDA (Canada), PIPL (China), and the Australian Privacy Act and Principles (Australia).
Since our company headquarters is in Ireland and we believe that the EU GDPR is the most advanced and cultivated data protection regulation developed so far, we use it as the foundation of our approach for doing privacy the right way.
If any particular requirement directly applies to us under local law or regulation, in our capacity as our customer’s data processor, we will address it per our obligations under the law.
See more of our Privacy Policy.
The General Data Protection Regulation (GDPR) became applicable in May 2018 and established a structured and comprehensive framework on how to collect, process, use, and share personal data to protect the privacy rights of EU data subjects. The GDPR generally applies to any organization operating within the EU and any organisations outside of the EU that offer goods or services to customers or businesses in the EU - and process personal data of EU-based individuals.
The GPDR defines and distinguishes between two privacy roles when it comes to collecting and processing personal data: data controllers and data processors.
A data controller determines the means and purposes for personal data processing, while a data processor is a party that processes data on behalf of the controller.
Apex Privacy is the data controller of personal data relating to its website visitors, its employees, and some data related to its customers. It is further explained in our Privacy Policy.
Apex Privacy is the data processor of personal data that its customers submit for our data privacy analysis. We do so following our contractual obligations. We use third-party service providers to help us process this data (Sub-processors).
We undertake to use a reasonable selection process by which it evaluates the security, privacy, and confidentiality practices of proposed sub-processors that will or may have access to or process Customers Personal Data.
Listed below are the third parties with whom we may share customer data.