General Data Protection Regulation
The General Data Protection Regulation (“GDPR”) is a new privacy law which takes effect in the European Union (EU), including the United Kingdom (UK), on May 25, 2018. The GDPR places additional obligations on the protection of Personal Data (as defined in the GDPR) belonging to EU/UK residents on companies and other organizations that offer products and services in the EU and UK.
Altus Group and GDPR Compliance
Altus Group (including ARGUS Software) is committed to compliance with applicable obligations under the GDPR for its products and services (“Products”) once the GDPR takes effect. Altus Group is reviewing and updating its internal policies and procedures to ensure compliance with the obligations applicable to Altus Group for its Products. We are also committed to training relevant employees on the GDPR.
Compliance is a Shared Responsibility
GDPR compliance does not rest solely with Altus Group. Primary responsibility rests with our customers, who must ensure they have processes and procedures in place to ensure they are able to comply with the GDPR. Our Products contain features which can help ensure a customer can manage and administer Personal Data they store within the Product. Furthermore, our customers must ensure they have implemented appropriate security controls and processes for our on premise products they install within their own environment and infrastructure.
In addition to the best in class and industry leading features available in our Products, our software Products also contain features which allow customers to:
- Access the Personal Data stored in the product
- Rectify Personal Data
- Erase Personal Data
- Export Personal Data
- Administer and restrict access to Personal Data
Contact the ARGUS customer support team if you have questions about how to use these features.
For our customers in the European Union and United Kingdom, we have an updated UK/EU Privacy Statement.
In addition, for our EU/UK customers using our software Products, we are able to comply with the Standard Contractual Clauses (Model Clauses), where required.
Altus Group Certifications
The protection of our client’s Personal Data is important to us. Our cloud Products undergo third party information security/compliance reviews. ARGUS Voyanta® is ISO 27001 certified and ARGUS On Demand is SOC II compliant. Other ARGUS products undergo information security reviews and are developed in accordance with industry appropriate practices.
- For EU/UK customers of ARGUS software products or services, our ARGUS Data Processing Addendum is available for download.
- For EU/UK customers of Altus Group tax/ratings services, our Altus Group Data Processing Addendum is available for download.
- For technical support inquries for our software Products, please go to the ARGUS Support Portal
- Please download and follow the instructions contained in our Subject Access Request Form to make a subject access request.