The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in the last twenty years. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe. Notta Systems complies with applicable GDPR regulations as a data processor.
Typically address data is delivered to Mailroom Assistant systems (Data Processor) by postal operators or corporations (Data Controllers).
The purpose of processing address data is that postal operators and corporations must be able to register, sort and deliver mail pieces company- or nationwide, and in order to do this effectively and within regulated time frame, automatic data processing and sorting is required. Because Mailroom Assistant develops and maintains such address recognition solutions , it must have access to data.
Personal data saved in Mailroom Assistant consists of following data items:
Corporate person ID number
Company address and department details are not considered as personal data.
There are basically two types of Mailroom Assistant installations. The location of the saved data depends on the installation type of the system:
Mailroom Assistant data is saved in Microsoft Azure Cloud. Mailroom Assistant cloud instances are located in Azure Northern Europe Region and physically in Dublin, Ireland.
Mailroom Assistant data is saved in a local server and database infrastructure and managed by the Data Controller in their premises.
In case of data breach, Mailroom Assistant will notify their customers, the controllers, immediately after becoming aware of the breach.
The data subjects have a right to get a copy of their personal data, free of charge, in an electronic format by written request.
The data subjects have a right to request deletion of their personal data and discontinuation of further processing of the data by written request.
The data subjects have a right to request transmission of their personal data to another controller. The transmission will be performed upon written request.
Notta Systems will hold and process only the data absolutely necessary for the completion of its duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing.