The EU General Data Protection Regulation (GDPR) expands the rights of individuals to control how their personal data is collected and processed, and places obligations on organisations to be more accountable for data protection.
Mobenzi is committed to ensuring compliance with the requirements of GDPR, both in our role as a Data Processor and in support of our customers, who assume the role of the Data Controller in terms of the GDPR.
We support GDPR compliance by fulfilling our obligations as a Data Processor in situations where our customers collect personal information about Data Subjects and the GDPR applies, and by providing guidance to customers to assist them with their obligations.
It should be noted that Mobenzi does not capture personal information directly but our software can be used by customers to collect a wide variety of data, including personal information from Data Subjects. Data are typically collected by a fieldworker representing or employed by one of our customers using our Android application. In some cases forms may also be captured via the web. Captured data is uploaded to and resides on our servers and we store and process this data purely in our role as a Data Processor.
It is the responsibility of the Data Controller to ensure that informed consent is obtained when capturing personal information. The consent process can be integrated into the data collection process (e.g. by adding relevant questions and validation to an electronic form administered using our mobile application) or take place via a separate, paper-based process.
As Mobenzi has no control over the specific forms, fields, purpose or nature of data collected by its customers, we cannot enforce any form of informed consent.
We comply with the GDPR by securing access to the data stored by our systems. Mobenzi allows its customers to define granular data access permissions for authorised users. As we have no control over the specific fields, purpose or nature of data collected by our customers, we cannot mandate specific data access policies to our customers, but our software supports the necessary controls, which can be configured to ensure the protection of personal data in line with GDPR requirements.
By default, all data transmitted between edge devices (e.g. our Android application and web browsers) and our servers are encrypted and stored in a secure data centre. Our server infrastructure is expertly hosted within the EU. We have partnered with world-class service providers: Amazon Web Services and DigitalOcean. Their stringent standards for data protection and security made them our choice for all of our customer data, including customers in the United States and the EU.
Access to customer data is limited to our internal team (e.g. support, database administrators). We have implemented a range of protection layers including: non-disclosure agreements with all staff, automated monitoring of data access events, “need to know” policies which limit data access to the minimum required by an employee to render the relevant service/function, and terminal lockdown ensuring only dedicated terminals may be used to access data.
Our Data Management guide contains more information on how we protect data.
Data Subjects have the right to request/review the data stored about them from the Data Controller and port this to another location. Portability of personal data is supported via our standard export capabilities. Customers may select the record(s) associated with the personal data and export these in an industry-standard format such as Microsoft Excel or CSV. These exports may then be made available to Data Subjects.
Data Subjects have the right to be forgotten. Data Subjects must submit their requests for data held about them to be deleted to the relevant Data Controller who may then utilise one of our standard interfaces to delete associated records.
Customers can delete any record previously captured (which may contain personal data) via the web console or API (users must have been granted necessary permissions by their Account Administrator). Once deleted, data are no longer accessible via the console, API or mobile application but may remain in our systems temporarily for data recovery, integrity or aggregated reporting purposes.
Should the customer wish to execute a system-wide purge, once the record has been deleted via the console/API, a support request may be submitted to our team requesting the system-wide purge. The request must contain the unique system-assigned ID(s) of the record(s) to be purged. It may take up to 14 days for the record to be purged from our primary database. It may then take a further 14 days for previous backups (which may still contain the record(s)) to be overwritten. Traces and fragments of the record(s) may exist in system logs until these are cleared, a process which occurs approximately every 3 months.
We commit to notifying our customers of any confirmed data breaches which may occur. It is the responsibility of our customers to notify relevant authorities and any Data Subjects who may be affected by a data breach.