Transparency that builds trust
TagoIO provides a secure and compliant IoT platform for customers located in more than 120 countries. Learn about our security initiatives by visiting our TagoIO Security Portal.
What is GDPR and how does it affect your IoT solution?
The General Data Protection Regulation (GDPR) is a comprehensive privacy law enacted by the European Union (EU) in May 2018 to safeguard individuals' personal data and give them greater control over how it is collected, processed, and stored. GDPR applies to all organizations handling the personal data of EU residents, regardless of the organization's location, making it one of the strictest data protection laws globally. Key principles include the requirement for transparent consent, the right for individuals to access, correct, or delete their data, data minimization, and stringent security measures. As your trusted Data Processor, TagoIO is committed to helping you on your GDPR compliance journey.
GDPR readiness is a shared responsibility
Under GDPR, both the Data Controller and the Data Processor share responsibility for protecting personal data, but they have distinct roles and obligations. The Data Controller (those who develop applications using our platform), who determines the purposes and methods of processing personal data, bears the primary responsibility for ensuring compliance with GDPR principles, including obtaining lawful consent, enabling data subject rights, and implementing appropriate security measures. The Data Processor (TagoIO), who processes data on behalf of the controller, must follow the controller’s instructions, safeguard data through secure practices, and support the controller in fulfilling GDPR requirements. Both parties must cooperate to protect data and respond to data breaches, as they are jointly accountable for the security and lawful processing of personal data.
