An overview of Riverbed’s GDPR-readiness efforts can be found here.
Data Processing Addendum
Riverbed offers its partners and customers a data processing addendum (DPA) that provides key
GDPR-related assurances about our products and services. Our DPA incorporates the Model Clauses approved by the European Commission to address the transfer of personal data outside of the EEA. The DPA can be accessed here.
To learn more about the types of data collected and processed by Riverbed’s SaaS and/or hosted product offerings, please review our product information fact sheets.
Riverbed is committed to providing robust privacy and security assurances to our partners and customers. This page provides links to the Privacy and Security Documentation for Riverbed’s Cloud Services.
What is the GDPR?
The EU General Data Protection Regulation (“GDPR”) is a new comprehensive data protection law that updates existing EU laws to strengthen the protection of “personal data”. The GDPR replaces the current patchwork of national data protection laws with a single set of rules, directly enforceable in each EU member state. The GDPR takes effect on May 25, 2018.
What is the definition of “personal data”?
Personal data means any information relating to an identified or identifiable natural person, so called “data subjects”. Examples of personal data include:
The GDPR also makes clear that location data and online identifiers, such as IP addresses, are considered personal data.
Who must comply with the GDPR?
The GDPR applies to:
Under the GDPR, organizations processing personal data are categorized as “controllers”, or the entities which control personal data, and “processors”, the entities that process personal data on behalf of the controllers.
In the context of providing products and services to our partners and customers, generally Riverbed will be considered a processor, and the partner or customer will be considered a controller.
What is Riverbed doing to prepare for the GDPR?
Riverbed will comply with the GDPR in the delivery of our products and services to our partners and customers. Riverbed has a dedicated internal team made up of cross-functional stakeholders overseeing Riverbed’s GDPR readiness. Riverbed has undertaken a comprehensive assessment of where and how our relevant products and services collect, use, store and dispose of personal data. We are working to update our policies, governance and documentation as needed. A high-level overview of Riverbed’s compliance efforts can be found at www.riverbed.com/gdpr.
Riverbed offers its partners and customers a data processing addendum (DPA) that provides key GDPR-related assurances about our products and services. Our DPA incorporates the Model Clauses approved by the European Commission to address the transfer of personal data outside of the EEA. The DPA can be accessed here.