The GDPR is an EU regulation about the personal data protection which will go into force on May 25, 2018. The regulation requirements can be organized in 3 topics:
As a user of AirVantage, there is no impact on your daily use of AirVantage. You have already access to all of your data, personal data included. You can change the information about you through Account Management. Have a look to this short tutorial .
We are reviewing our affiliates and suppliers to check their compliance with the GDPR.
We are working on improving the quality and the transparency of the information about how we process the personal data. Any such data are collected and used to supply our services and are not disclosed to any 3rd party organization (other than our affiliates and suppliers).
If your project aims to collect personal data about EU citizen with your devices, you must be compliant with the GDPR.
Please contact your Sierra Wireless sales representative if you have any question about the GDPR and our services.
If you process (collect, store, use, modify, transfer, …) “any data related to an identified or identifiable natural person […] directly or indirectly” from your devices, you may be compliant with the regulation as soon as the people are UE citizens, wherever you are (in or outside the EU). About the supplier’s contract, feel free to come back to us. For example, you store in a database information about module’s serial number and a physical person identified by the name, you collect latitude and longitude of your device which is in a car, a shoe, your solution and your organization must be compliant with the GDPR.
In this case, you are the controller (you control the purpose of the data) and Sierra Wireless is a processor (the supplier which helps you to process the data).
As a controller, you must check that each supplier is compliant with the GDPR by adding an addendum to your contract which clarifies your instructions about how the supplier can process your personal data.
Please come back to your sales manager to process consequently.
As soon as a company established outside the EU is offering goods/services (paid or for free) or monitoring the behavior of individuals in the EU, regardless of where the data is processed, the GDPR must be applied. If your are in North America, you have to be compliant with the EU+US privacy shield as well.
Check the GDPR section in the European commission web site.