At WeCP, we understand the value of ensuring your data security, privacy, and compliance with necessary regulations while using our Software as a Service (SaaS). Particularly when serving our European customers, we are mindful of the robust legal framework within the European Union (EU). This article aims to walk you through the key EU laws that WeCP diligently adheres to while delivering our services.
Upholding GDPR Standards
WeCP complies fully with the General Data Protection Regulation (GDPR). This critical EU legislation regulates the handling of personal data. We adhere to its principles by ensuring transparency about where your data is stored, who can access it, and how it's protected. We strictly obtain user consent before collecting and using any data and enable users to access, correct, or delete their data at their request. Download the policy
Ensuring Safe Transactions with PCI DSS
In the interest of securing all card payment transactions, WeCP complies with the Payment Card Industry Data Security Standard (PCI DSS). This commitment ensures that all card information processed, transmitted, or stored via our services is meticulously protected. Download the policy
Adherence to ISO/IEC 27001
Although not a mandatory standard, WeCP adheres to ISO/IEC 27001 to underscore our commitment to maintaining a robust information security management system (ISMS). This guarantees that all our services are designed with a primary focus on information security. Download the policy
Cross-border Data Transfers
While the EU-US Privacy Shield framework was invalidated as of our last update, WeCP is keeping a close eye on any successor agreements that might come into effect. We are committed to ensuring that any transfer of personal data from the EU to the US will comply with the latest agreed-upon protocols. Download the policy
Observance of NIS Directive
WeCP acknowledges the importance of the Directive on Security of Network and Information Systems (NIS Directive). If our services fall within the classification of a Digital Service Provider (DSP), we ensure that we meet the directive's compliance requirements for enhanced cybersecurity. Download the policy
ePrivacy Directive (Cookie Law) Compliance
WeCP is fully compliant with the ePrivacy Directive, also known as the Cookie Law. We always inform visitors about any cookies or similar technologies used by our platform and obtain their explicit consent before implementing such technologies. Download the policy
In conclusion, data security and compliance are a continuous journey, not a destination. We are dedicated to managing, monitoring, and regularly reviewing our practices to ensure your data remains secure and private. Our team is regularly trained and updated on data handling and protection obligations.
We believe in transparency and building trust with our users. WeCP is dedicated to being proactive in our communication, ensuring our customers have a clear understanding of how their data is protected.
Please note that laws and regulations can change over time, and additional requirements may exist for different countries within the EU. As a result, WeCP is always on top of these changes, ensuring we remain compliant at all times. We are committed to providing a secure and trustworthy SaaS experience for all our users.