Blue Sky eLearn and GDPR Compliance

As a customer-centric company with customers located all over the globe, Blue Sky eLearn takes the privacy and security of our customers and end users seriously. Being a GDPR-compliant provider, we have the tools and processes in place to support our clients who are required to adhere to the regulation.

GDPR Overview

Starting May 25, 2018, the EU General Data Protection Regulation (GDPR) goes into effect for all organizations who collect or process personal data of users located in the EU.

There are three important roles within the GDPR that you should be aware of:
Controller: This is you, our customer. If you’re required to comply with the GDPR, then you need to fulfill your obligations as a Controller.
Processor: That is where you decide to send your data for processing, including to us for the services and platforms we provide to you. We are all set to be a compliant processor, ready and able to assist you with any data subject rights requests you may receive.
Sub Processor: These are the processors and sub contractors we use to run our services. It is our responsibility to ensure that any processor we engage with that touches your data is GDPR compliant.

Looking for a more in depth explanation of GDPR principles? Check out this link from the UK for a great overview of the GDPR.

How we comply with the GDPR

Here are some of the ways we provide our customers assurances around the transfer of their personal data and achieving GDPR compliance:

Data Security

We maintain strong technical and organizational security measures around how we handle and protect our customer data.

Our platforms are hosted on state-of-the-art secure cloud hosting platforms that are SOC 1 & 2, SSAE 16/ISAE 3402, ISO 27001, and PCI Level 1 compliant. We maintain active security measures on the perimeter, and utilize third party vulnerability scans.

To learn more about how we handle customer data, see our privacy policy.

GDPR Data Processing Addendum (DPA)

Blue Sky is pleased to offer a GDPR-compliant Data Processing Addendum (DPA) to our customers which incorporates:

  • Blue Sky eLearn’s GDPR Data Processing Agreement, including Privacy Shield controls
  • EU Standard Contractual Clauses
  • Details of Processing
  • Authorized Sub-processors
  • Please click here to download a pre-signed DPA. Once executed, submit to privacy@blueskyelearn.com for the DPA to become legally binding.

    Privacy Shield Certification

    In addition to GDPR Compliance, Blue Sky has received certification approval from the United States Department of Commerce for the EU-US Privacy Shield Framework program.

    The EU-U.S. Privacy Shield Framework was designed to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the EU to the US.

    To review Blue Sky’s Privacy Shield Certification, click here.

    Section 508 and WCAG 2.0 Compliance

    Blue Sky supports an all-inclusive learning experience by building in accessibility standards support into our products. In addition, we’ve partnered with the industry leader eSSENTIAL Accessibility to offer a free assistive technology application for all uses of our site.

    Learn more on our accessibility page.

    Individual Rights

    Reached this page looking for information on how you can submit a Data Subject Request?

    Individuals can access their profile data on Blue Sky eLearn Applications by logging into their profile utilizing their assigned unique ID and password. You can also contact us directly to access your data by submitting a request on our Data Subject Request Form located here.

    Individuals can submit questions / comments regarding information correction, amendment, deletion, and limiting use and disclosure on our Data Subject Request Form.

    Learn more by visiting our Privacy Policy.