GDPR Compliance

At Carousel Digital Signage (a division of Tightrope Media Systems, Inc.), we are committed to being transparent with our customers regarding our privacy practices and compliance with European Union (EU) privacy regulations. We value your trust and are dedicated to protecting your privacy.

Our commitment to protecting the privacy of our customer’s data includes:

• A strong cultural desire to limit our use of personal data to only what is necessary to conduct business with our customers. When we do need to collect or use personal data, we do so only to communicate with you and provide to you with the services we offer. We have no interest in your personal data for any other reason.
• All employees and contractors are subject to background checks, sign non-disclosure agreements and are subject to ongoing security and privacy training.
• Establishing processes and tooling for addressing requests from you regarding your personal data.
• A comprehensive update to our Privacy Policy, with a commitment to doing annual reviews of this policy going forward.
• Leveraging third-party security experts to conduct annual penetration tests of our products.

What is GDPR?

The General Data Protection Regulation (GDPR) was adopted in 2018 to strengthen and unify data protection for residents of the European Union (EU), while also addressing the export of personal data outside the EU. The GDPR not only applies to organizations located within the EU but it will also apply to organizations located outside of the EU if they process the personal data of EU residents.

GDPR Compliance Steps

We have been working hard to ensure compliance with GDPR. Below are some of the things we are working on specifically for GDPR:

1. We have strengthened our security infrastructure.
2. While not legally required to do so, we have appointed a dedicated Privacy and Security Officer, who can be reached via email at privacy@carouselsignage.com.
3. We have identified our third-party vendors and classified the data that is transferred to them. A roster of our third-party data processors is available by contacting privacy@carouselsignage.com.
4. We have executed Data Processing Addendums (DPAs) with our vendors to ensure onward transfer of your data is safe.
5. We have adopted our own Data Processing Addendum and Standard Contractual Clauses (SCC) for our customers and users according to GDPR standards. The DPA and SCC are effective on Feb 1, 2020.
6. We have established an online portal for individuals wanting to make requests about their personal data.
7. We have appointed GDPR-Rep.eu as our Article 27 E.U. Representative. They can be reached at:

Maetzler Rechtsanwalts GmbH & Co KG
c/o Tightrope Media Systems, Inc.
Schellinggasse 3/10, 1010 Vienna, Austria
Website: https://www.gdpr-rep.eu
‍Please add the following subject to all correspondence:
GDPR-REP ID: 11082518

‍

Disclaimer

The content on this page is provided for informational purposes only and the information shared here is not meant to serve as legal advice or create any contractual or legal obligations for Carousel Digital Signage or its customers and users. You should work with legal and other professional counsel to determine exactly how the GDPR may or may not apply to you. The legal rights and obligations of Carousel Digital Signage and its customers and users are stated in our Carousel Terms of Use and other online agreements.

Dated:  January 28, 2020.

‍