The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. GDPR came into effect across the EU on May 25, 2018.
At Reprise Software, Inc. (“Reprise”), we strongly value the people we work with every day (customers, prospective customers, business partners, and employees). Our interactions with these parties generate data of all kinds, and we value the rights of each of these parties to keep their data confidential, secure, and available. We adhere to the high standards of GDPR.
Reprise strives to adhere to the following principles when developing practices that govern its information systems:
As Reprise continues to make the security of data entrusted to us a priority, and in light of GDPR, we have included more detail on the specific measures we have in place. The following are some of the measures we implement as part of our information security policy:
An Information Security Policy containing more granular detail can be made available to our Enterprise customers. Please contact us at privacy@reprisesoftware.com if you would like to receive a copy.
We maintain records of all personal data elements we store, where we store it, how we capture it, and how we use it. Any new creation, usage, storage, or processing of customer information must be approved by our Data Security Team and documented in our Information Asset Register. At the request of the individual or a government authority, Reprise will furnish all of the data it has collected on an individual to that individual or authority within thirty days, as well as any data that is maintained on our behalf by one of our approved Data Processors. Any personal data transmitted over the internet is encrypted with a modern implementation of TLS. Personal data stored offsite is encrypted at rest.
Privacy by design and privacy by default are a fundamental part of our systems and processes. We have company-wide data retention policies. Reprise acknowledges the right of individuals to have access to their personal information. Individuals have access to the personal information about them that Reprise holds and are able to review, correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. Individuals can access this personal information by contacting our Sales Team sales@reprisesoftware.com.
Our Reprise website allows visitors and customers to give opt-in consent to receive future email communication. This communication consists of email newsletters, product updates and invitations to events and training. Every Reprise marketing email contains a link for recipients to update the types of communications received, and an option to opt out of all email communications with Reprise.
Our Data Security Team has detailed security incident policies and procedures in place for rapid response to any security incident or data breach. Access to systems is logged in order to facilitate detecting unauthorized access or responding to a security incident.
We are committed to keeping our customers fully informed of any matters relevant to the security of their data and to providing customers with all the information necessary for them to meet their own regulatory reporting obligations under GDPR.
All relevant data sets are backed up nightly and retained on- and off-site according to Reprise’s retention policy. Backup sets are stored in an encrypted format and are tested regularly to ensure the integrity of the data and the recovery process. This is validated by the Data Security Team.
Every employee at Reprise has received GDPR training. Our program is designed to ensure all employees across all functions within the company understand our obligations under GDPR and the importance of protecting the personal data of our customers. In addition to the general training program we continually run privacy and security education programs internally for different functions across our organization.
All third-party agencies who process personal customer data on our behalf are required to be GDPR compliant.
All third party data processors must validate that they adhere to GDPR requirements by providing an authorized Data Protection Addendum. These documents are archived and can be produced upon request.
Reprise has appointed a cross-functional Data Security Team to be responsible for all matters relating to GDPR. Their responsibilities include:
Reprise’s Data Security Team meets several times per quarter to fulfill its responsibilities, review IT deliverables, and set priorities related to GDPR.
For additional information about GDPR or Reprise’s Information Security Policy please contact us at privacy@reprisesoftware.com.
Should you have any questions concerning this Agreement, you may contact Reprise at info@reprisesoftware.com.
Software License Manager
As a Software publisher, you integrate RLM into your product, and RLM keeps track at runtime of who is using the licenses of your software.
RLM can do this entirely within the client library (linked into your application), or, more commonly, your application makes a request of the RLM Lincese Server to check out a license.
The lincese server runs either on your customers network, or in the cloud if you are using our RLMCloud™ service.
Activation Pro is
used once when your customer purchases your software in order to retrieve the license which is specific to that customer.
Software Activation’s purpose in life is to get the licenses for your product to your customers with a minimum of fuss.
Activation Pro also has a server component wich we call the activation server.
Your application contacts the activation server and supplies a short text activation key, and in exchange, the activation server returns the license which enables your product.
Generally, this is done once, right after your customer purchases your software, not every time your software is invoked.