GDPR Compliance

Science Exchange’s Plan to Protect Your Data

Science Exchange is now General Data Protection Regulation (GDPR) compliant and committed to partnering with our customers and users to help them understand their rights under the GDPR. The GDPR is the most comprehensive EU data privacy law to date and will go into effect on May 25, 2018. GDPR is the successor to the Data Protection Directive (95/46/EC). The GDPR strengthens and standardizes user data privacy across the EU nations and sets forth new and additional obligations for all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located. On this page, you can read about Science Exchange’s methods to achieve and maintain GDPR compliance:

  • Security of Science Exchange’s Platform and Infrastructure: Science Exchange is committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place appropriate technical, physical and managerial procedures to safeguard and secure the information we collect online. If you’d like to learn more about Science Exchange’s security controls, policies and procedures, please review our SOC 2 page.
  • Adequate Level of Protection for Data Transfer from EU to U.S. - Privacy Shield Certification: Science Exchange is committed to complying with Article 46 of the GDPR, which states that your data may be transferred to the U.S. only if appropriate safeguards are implemented. GDPR recognizes Privacy Shield as an adequate mechanism for the transfer of your personal data from the EU to the U.S. Science Exchange has received its Privacy Shield Certification from the U.S. Department of Commerce and will continue to support international data transfers by maintaining its Privacy Shield certification. Our Privacy Shield Certification can be verified on the Privacy Shield site. Furthermore, we updated our terms and conditions and service contracts to meet adequacy and security requirements for our customers who operate in the E.U.
  • Data Requests: Science Exchange has designated DPR Group as its EU Data Protection Representative to enable customers and users to exercise their data portability and data management rights under GDPR. To learn more, please visit our Data Request page.

We will continue to monitor the guidance around GDPR compliance from privacy-related regulatory agencies and will adjust our plans and policies accordingly.