itslearning erfüllt die DSGVO bereits vor Mai 2018

Customer information about the DSGVO

The new European Data Protection Regulation (DSGVO) , which was adopted by the European Parliament in 2016, is the most important change in data protection regulations in 20 years. It replaces the data protection directive 95/46 / EC as well as national laws and regulations of the EU / EEA area. The new regulation was written to strengthen individuals‘ privacy rights and to align data protection laws in Europe.

itslearning has met all data protection requirements for almost 20 years and welcomes the new regulation. We will actively do our part to ensure that all our customers also comply with the GDPR by May 2018. The potential of using technologies such as cloud services to increase the quality of teaching is enormous and is demonstrably promoted through targeted use. To realize this potential, it is important to earn the trust of teachers, learners and parents. In this sense, the increased focus on privacy and privacy thanks to the GDPR will serve all stakeholders to the advantage.

itslearning DSGVO-Obligation

For a company that already fulfills the current privacy regulations, the GDPR is not a big step. The organizational and technical security at itslearning has already been developed with regard to personal privacy. In addition, we continually update our services and operations to maintain the highest levels of data security.

For the services that we provide to our customers and end users in the cloud, itslearning acts as a processor under both the existing and new EU regulations. As a processor, we decide neither on the intention nor the lawfulness of the processing; we only process the data in the name of our customers. The DSGVO places stricter requirements on all data processors. We will fully meet these requirements for all our services, including itslearning and Fronter. At itslearning, we have been working with DSGVO for a long time to analyze the new regulation and to make the necessary changes in our services, processes and the company. In the coming months, we will receive all documents, Provide contract annexes and procedures that you may need to document compliance with the GDPR. We expect to fully meet them in the first quarter of 2018 – in good time.

Als Teil unserer DSVGO-Verplichtung können Sie davon ausgehen, dass itslearning:

  • organisatorische und technische Sicherheit für alle Dienstleistungen zusichert.
  • Ihnen bei der erforderlichen Dokumentation zwecks Erfüllung der Vorschrift und Endnutzerinformation behilflich ist.
  • Sie mit den neuen DSGVO-konformen Vertragsanhängen für Datenverarbeitungsabkommen versorgt.
  • notwendige Unterstützung bietet, wenn Ihre Endnutzer Gebrauch von ihren Datensubjektrechten machen.

itslearning has appointed a Data Protection Officer (DSB) within the meaning of the GDPR – in the same way as our customers, where this position is also named or possibly outsourced. In addition to monitoring our own compliance and on-the-spot training of our own employees, our data protection officer is available to our customers and their data protection officers to advise on privacy issues.

Contact details of our Data Protection Officer (DSB):
John Arthur Berg
+ 47 55 23 60 70
[email protected]

What does the DSGVO require from you as a customer?

Most of our customers are already working hard to ensure compliance with the new GDPR. The amount of work to do this depends on the nature of your organization and the currently compliant processes and policies. If you have not yet started implementing the GDPR, we recommend appointing a team that assesses the current situation and seeks legal advice to learn the necessary steps.

Generally the DSGVO requires:

  • to document and evaluate all processing of personal data as well as the systems used. The intention and the lawfulness should be defined, the processing of unnecessary personal data for the defined purpose should be waived.
  • to ensure the organizational and technical safety of the processing and to be able to demonstrate this. Evaluate and document your internal data storage and security processes. To demonstrate and document that your own technology provides sufficient technical security.
  • when using third-party services, such as ours, to process personal information, to ensure the data-processing requirements in accordance with the GDPR.
  • To undertake risk analysis when acquiring new technologies that are likely to be associated with high personal data risk – a data protection impact assessment (DPIA). For you as an existing customer, our services are not considered new technologies. Nevertheless, a privacy impact assessment could be useful and useful for compliance documentation.
  • Users (data subjects) have stronger rights under the new GDPR. Our customers will need a process in which requests for data subject rights are accepted and their request validity is evaluated.
  • The most important data subject rights include transparency and information. Make sure that the information regarding the GDPR is readily available to your users, including information on how they can exercise their rights. In the case of young users, this information should also be made available to parents.

Download the data processing agreement . Please send them to [email protected]

Please note that many of these requirements are already met by current regulations, so your organization is already working almost completely compliant.

We will always update this page.

For general questions about itslearning products / services, you can always contact your national itslearning office. For contractual or commercial questions, please contact your local customer service.

For specific DSGVO-related questions, please contact our Data Protection Officer (DPO) at [email protected]  or +47 55 23 60 70. Please note that communication with our DPO must be in English or Norwegian.

FAQ (Für KundInnen)