Hero image Hero image

Compusense

Compusense and the European Union General Data Protection Regulation (GDPR)

 

As a global provider of sensory and consumer research software and services for over 30 years, Compusense has taken a proactive stance on security and privacy. Our Software as a Service (SaaS) application, Compusense Cloud, has been operating for 10 years and has provided robust, secure service to a wide range of clients.

We've had ongoing third-party auditing of our application to ensure we're able to deliver the level of security our clients require. Since 2014, we have had SOC audits conducted annually to verify our commitment.

With the introduction of the General Data Protection Regulation (GDPR) in the European Union on May 25, 2018, Compusense has committed to providing the necessary functions, notifications, and data safeguards to ensure our compliance with these requirements.

This page summarizes our compliance to the GDPR requirements. For further information about Compusense's GDPR compliance, please contact us.

Recent Updates

The following updates have been completed in Compusense Cloud as part of meeting GDPR requirements:

  • Encryption of data at rest 

    • While Compusense Cloud data has always been encrypted in transit, now all subscription data in Compusense Cloud is also encrypted at rest.

  • Panelist Management Features 

    • New features have been implemented to ensure that panelists are given the option to “opt-in”, and can be automatically prompted for their consent

    • Analysts can reset panelist passwords, forcing panelists to create a new password when they log in

    • Analysts can now provide automated prompts to panelists to ensure that their information is up to date.

  • Logging

    • Panelist and analyst activity logging has been increased to meet GDPR requirements

    • Subject Access Reports can be generated on-request

Existing Compliance

Security and Privacy Stance

Compusense Cloud was built with a proactive security and privacy stance. Since 2015, Compusense Cloud has been subject to SOC 2 auditing on an annual basis. The Compusense Cloud hosting environment is subjected to testing by an outside service to ensure all security vulnerabilities are addressed. Compusense has taken a “secure by default” position with Compusense Cloud (formerly Compusense at-hand) since the introduction of the service in 2007.

Privacy of Panelist Information

Compusense Cloud allows for the classification of panelist information as “sensitive”. Any information provided by a panelist in a field marked as “sensitive” (e.g. demographic information such as age or gender) is only visible to analysts with appropriate permissions, and is automatically wiped from the database when a panelist is deleted.

The collection of panelist information in Compusense Cloud has always included the ability to ensure that a consent form is agreed to by the panelist, and the agreement is recorded with the panelist record in the database.

Policies

Compusense’s Software as a Service team has had in place extensive privacy and security policies to deal with the possibility of a data breach. These policies meet the requirements for GDPR, including the requirement for notifications. The Compusense Cloud data centres include all necessary monitoring (both of the physical data centre as well as the network) to ensure supervision according to the GDPR.

For more information about Compusense and GDPR, please contact us.

 

Close