GDPR2019-07-05T13:18:43-05:00

GDPR

Committed to Your Privacy and Protection

At E2open, we safeguard your privacy and maximize data protection. We do not collect and/or process users’ personal information beyond what is required for the functioning of E2open applications, technology platform and services.

Our Commitment

We have demonstrated our commitment to data privacy and protection by meeting the industry standards for ISO 27001 and SSAE-18 SOC 2 Type 2. We also have strong data processing agreements that were revised to meet the requirements of the General Data Protection Regulation (GDPR). We participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework with respect to the transfer of data to the United States.

E2open GDPR Preparation

We are GDPR-compliant across all our software-as-a-service (SaaS) applications. We have analyzed GDPR requirements and correlated them to existing controls or created new controls and systems to meet them. Our efforts included the following:

  • Established a data privacy team to oversee GDPR activities and raise awareness

  • Conducted a GDPR Gap Assessment through an independent third party as well as a Privacy Impact Assessment (PIA)

  • Reviewed current security and privacy processes in place and, where applicable, updated contracts with third parties and customers to meet GDPR requirements

  • Conducted employee awareness to ensure continual compliance with the GDPR

  • Evaluated the portability and transferability of data and found that none of our applications store unique end-user content or data that end users do not already possess, such as pictures, stories and so on

  • Enhanced data integrity and security, streamlining the processes for our cloud applications by implementing these data security actions:

    • Encrypt, anonymize or delete user data.
    • Perform data audits or assessments.
    • Provide access controls.
    • Identify personal data being collected or stored.
      Some of our applications have a different level of personal data collection, usage, storage and disposal. We have defined the purview of personal data for each of these applications and documented the various sources of data to provide a roadmap for compliance. We analyzed how customer information is being processed, stored, retained and deleted.
    • Assess any third parties with whom we disclose personal data.
      At this time, there are no third parties with whom we share our customers’ personal data except banks for the purpose of paying rebates.
    • Establish procedures to respond to data subjects when they exercise their rights.
    • Create processes for data breach notification activities.
Using cookies helps us give you the best possible user experience on the E2open website. For additional information, see our Privacy Policy.
If you continue to use this site or close this box, you indicate your consent to our use of cookies.
OK