Airship and GDPR

Suk Kim Senior Vice President and General Counsel

After many years in the making, General Data Protection Regulation (GDPR) is nearly here. At Airship, we’ve welcomed GDPR as an opportunity to prove our commitment to data protection and privacy rights. As your trusted provider, we’re also committed to supporting your GDPR-compliant use of our platform.

As you are probably already aware, GDPR is a comprehensive data protection law that regulates the processing of personal data of individuals in the European Union (EU).

This new law takes effect on May 25, 2018. GDPR aims to protect the privacy of EU individuals through tighter limits on personal data processing, increased transparency into the nature, purpose and use of personal data, and expansion of each individual’s rights over their data. The GDPR presents an opportunity for your business to strengthen its brand loyalty by building trust through responsible use of personal data.

We wanted to share some highlights of the steps we’ve taken to prepare for GDPR. For more in-depth information, please visit our GDPR resource center, GDPR FAQs, or our Legal page.

Privacy by Design

We’ve made sure privacy is a foundational part of our products. We have a core team comprised of senior members of the Engineering, Operations, Security, Product Development and Legal teams that meets regularly to proactively apply Privacy by Design and Data Protection by Default principles to our product enhancement, development and operations.

These data privacy standards, controls and features are available to all Airship customers — not just those processing EU personal data. This means that as other countries implement GDPR-inspired privacy regulations, you will be well positioned for future privacy compliance efforts in other parts of the world.

Product Enhancements

To help our customers comply with the GDPR, we’ve made — and continue to make — enhancements to the Airship platform to provide controls and features, including APIs and opt-out features, that help customers respond to data subject requests. 

These product level controls and features are described in Airship’s documentation. Additionally, we have implemented a data retention schedule for the Airship platform so that personal data isn’t retained any longer than necessary. 

We continue to listen to our customers and explore ways to simplify and further automate our product and service offerings to better support GDPR compliance.

Strengthening Security

We’ve implemented a set of security processes and controls to help protect the data entrusted to us through your use of the Airship platform. Processes and controls are audited annually by an independent third party against the SSAE-18 SOC 2 standards. Learn more about these security processes and controls in our Security Measures document.

Updated Privacy Statement

We released an updated Privacy Statement on our website. We’ve also released an updated Data Processing Addendum that contains revised and additional provisions to assist you with your compliance with the GDPR.

There’s more — much more — that we’ve done and will continue to do to make privacy a priority. Be in touch anytime if you have questions or need additional information.