General Data Protection Regulation (GDPR) with Guance

Guance has always honoured its users’ rights to data privacy and protection. We’ve demonstrated our commitment to this by consistently exceeding industry standards. We have a privacy conscious culture here and our stance to embrace GDPR should provide you, our customer with the confidence your data is held safely here by us.

How has Guance prepared for GDPR?

As a data processor, Guance has strengthened the system and process to better adapt to GDPR:
  • Data Security Agreement: Guance signs a data security agreement with customers. The agreement clarifies the responsibilities and obligations between Guance and customers, including data protection measures, data transmission, etc.
  • Data access control: Guance provides authentication and authorization mechanisms to ensure that only authorized personnel can access customers' personal data.
  • Data security and protection measures: Guance adopts a series of technical and organizational measures to protect the security of customers' personal data, including data encryption, access control, security audit and monitoring, etc.
  • Data retention period: Guance has formulated a data retention policy, which clearly stipulates the retention period of customer data. Guance only retains the necessary time, and the data retention time does not exceed the required purpose.
  • Data Protection Impact Assessment (DPIA): Guance conducts data protection impact assessments to assess data processing activities that may pose high risks to the rights and freedoms of data subjects. This helps identify potential risks and take appropriate steps to mitigate and manage them.

What security measures has Guance taken to protect customer data under GDPR?

Guance has assisted clients in protecting their data under the GDPR by:
  • Data processing records: Guance keeps data processing records required by GDPR. These records include information such as data processing activities, data transmission, data security measures, etc., in order to cooperate with customers in fulfilling their record keeping obligations under GDPR.
  • Data subject rights support: Guance assists customers in handling data subject requests, such as access, correction, deletion and other rights. Guance provides the appropriate tools and processes so that customers can effectively respond to these requests.
  • Assist customers to respond to regulatory requirements: As a data processor, Guance acts as a bridge to communicate with regulatory agencies to ensure that customers' compliance matters in handling activity investigations and inquiries are properly handled. During this process, Guance will provide necessary information and documentation and support clients in responding to regulatory agency requests.

Does Guance use sub-processors?

  • In order to provide our services, Guance may engage third-party organizations, which we refer to as sub-processors, to perform data processing activities involving access to customer data.
  • The following are the sub-processors, their locations, and the types of services they provide to Guance:
VendorCountryType of Service
Amazon Web Services, Inc.United StatesInfrastructure Provider
Alibaba Cloud Computing Co. Ltd.ChinaInfrastructure Provider
Amazon Web Services, Inc.United StatesEmail Notification Services

How will Guance respond to data subject requests?

  • Guance has defined processes to respond to data subject requests, including consent, via

Where can I learn more about Guance security and privacy efforts?

By using this website you agree with our privacy policy.