Most data privacy laws require organisations to ensure a high level of security for the personal data they collect in order to prevent unauthorised access to it. GDPR’s concept of “Privacy by design and by default'' supports the idea that security should be a core part of an organisation from the beginning, not added afterwards.
The regulation suggests certain methods such as encryption, anonymization and pseudonymization, but also specifies that “the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk”.
California Consumer Privacy Act also requires businesses to maintain “Reasonable Data Security and Privacy” regarding California consumers’ personal data. Encryption and deidentification are two of the methods suggested within the law. Under the CCPA, consumers whose personal data was kept non-encrypted and was subject to unauthorised access, disclosure or theft, benefit from a private right of action.
Clym is built with security in mind, based on the “Security by design and by default” principle, our infrastructure being secured through a defense-in-depth layered approach.
The value of personal data is increasing. This means that companies that store their customers’ data must implement increasingly sophisticated methods of protecting it, especially in the age of data privacy.
Clym encrypts all Clym encrypts all personally identifying information (PII), including IPs and browser data. We never share personal information unencrypted, in plain text, nor include it as such in the consent receipts that we generate.
Anonymisation is one of the recommended measures for protecting personal data against unauthorised and malicious access, by recent data privacy laws and regulations. Clym creates anonymised user profiles for data subjects, which include all consents and data subject requests.
See you on the safe side