The countdown has begun! Join us for our biggest HexCon yet, this September 20-22.

Register now

GDPR ready Unified Endpoint Management

What is GDPR?

The General Data Protection Regulation-or GDPR that came into effect on 25 May 2018, is a groundbreaking data protection law. It has set new benchmarks for global privacy rights and compliance.

The GDPR has replaced the older EU directive on data protection with a more standardized law reinforcing individuals' rights, and in line with the European sense of privacy as a fundamental human right.

GDPR regulates how businesses and individuals can gather, store, transfer, use and remove people's personal data.

Mitsogo is compliant!

We at Mitsogo had been on a mission of procedural overhauls, audits, training, and documentation to provide our customers with a GDPR ready platform for managing their mobile devices. Being an endpoint security company, data protection and user privacy is at the heart of everything we do. We do not sell customer data to third parties nor do we serve ads on our websites or products.

We had our production environment, policies, and procedures, comprehensively reviewed by a leading Consulting firm and put in place additional measures based on their risk assessment and gap analysis. In the context of our Mobile Device Management solution, Hexnode UEM, we understand all our obligations as a Data processor. We have a dedicated team to handle all compliance requests and are fully committed to making the GDPR transition as seamless for our customers.

GDPR readiness and transition

  • Data Inventory

    We had conducted extensive audits to precisely document the different aspects of personal and non-personal data collected. Our solutions have an underlying policy framework that lets our customer, acting as the Data controller decide how and what data are collected, stored and deleted on a granular level.

  • EU Data Centers

    We automatically assign EU data centers to our customers in the European Union. As a Data controller, you can make sure, all personal data of the users you manage through Hexnode UEM cloud stays right in the EU. Our EU data centers are located in Germany, where the privacy legislations are among the most stringent in the world.

  • Privacy policy

    Our privacy policy clearly describes what personal information we collect from you, why and how we collect it, what we do with it, who we share it with and how long we store it. We have updated our privacy policy to reflect the changes mandated by GDPR, and with more information on how you can control and make choices with the data, you provide us.

  • Consent

    GDPR places a higher responsibility on Data controllers when it comes to processing personal data on the grounds of user consent. We have revamped permissions and consent across all our solutions to help our customers, as Data controllers, obtain consent in a clear and distinct manner. Data subjects can withdraw consent just as easy.

  • Data Subject's Rights

    We want to help our customers, who as Data controllers, need to have the ability to access, update, retrieve and delete personal data which is why we offer powerful features across our solutions to honor data subjects' requests regarding personal data. You can quickly identify users, edit their information, save and export across all our solutions.

  • Breach Management

    GDPR mandates new notification requirements for breaches that lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data. Though we already have a comprehensive breach management and communication plan, we have updated it to align with the GDPR requirements and to help our customers meet their obligations in the unlikely event of a personal data breach.

  • Data Protection Impact Assessments

    Our Engineering team always exercise caution and extensively weigh risks when considering feature requests that may potentially infringe user privacy. So, implementing a formal Data Protection Impact Assessment (DPIA) process as part of the GDPR legislation has been an easy decision for us. Now that we have integrated DPIA into our process flow, it will continue to stay for all our future offerings too.