LogMeIn & GDPR
As a global company with customers in nearly every country in the world, protecting the personal data of our customers and their end-users continues to be a priority. GDPR represents an opportunity to continue our commitment in this area.
LogMeIn already participates in the EU-U.S. and Swiss Privacy Shield Frameworks and is compliant with current applicable EU data protection rules. At LogMeIn, our ongoing compliance review and actions build on our existing investments in privacy, security, and the operational processes necessary to meet the applicable requirements of GDPR by May 25, 2018.
Our Commitment to Security & Data Protection
While the GDPR does not introduce significant new requirements to LogMeIn’s security and privacy practices and principles, we are hard at work to ensure compliance by the implementation date.
Here are a few ways we are currently providing our customers assurances around the transfer of their personal data:
- Data Security: LogMeIn maintains rigorous technical and organizational security practices and measures both in how we handle customer Content (as this term is defined in our Terms of Service), including any personal information located therein, but also in the capabilities our services and products to assist you in safeguarding your Content. We continue to evaluate industry standard practices with respect to data privacy and information security and strive to continuously meet or exceed those standards. To learn more about how we do this, please visit the applicable service or product website and check out the “Support” or “Resources” section.
- Data Processing Addendum (EU Standard Contractual Clauses): We have long offered our customers a Data Processing Addendum (DPA), which incorporates the EU Standard Contractual Clauses (“SCCs,” also known as the EU Model Clauses) and include LogMeIn’s Technical and Organizational Data Security Measures. The SCCs are time-tested and continue to be a valid and recognized legal mechanism for ensuring that any personal data leaving the European Economic Area will be transferred in compliance with EU data-protection laws. LogMeIn continues to maintain the operational processes necessary to meet the stringent SCC requirements for the transfer of personal data to processors, which in turn allows us to provide our customers with contractual guarantees for the protection of their personal data. Further, upon request, and no later than the GDPR implementation date, LogMeIn will offer a revised DPA that includes a GDPR-specific addendum to ensure that LogMeIn and our customers have appropriate GDPR-specific contractual provisions in place to allow for the legal transfer of personal data.
- Privacy Shield: LogMeIn also demonstrates its commitment to maintaining appropriate privacy and security standards around the collection, use, transfer, and retention of personal data from the EU and Switzerland by participating in the EU-U.S. and Swiss Privacy Shield Frameworks. Find out more here.