Udacity and the General Data Protection Regulation
The GDPR enters into force on May 25, 2018.
The General Data Protection Regulation (“GDPR”) is a new European privacy regulation which will replace the current EU Data Protection Directive (“Directive 95/46/EC”). The GDPR aims to strengthen the security and protection of personal data of EU data subjects and harmonize EU data protection law.
Who is affected by GDPR?
The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer any goods and services to people in the European Union, or that collect and analyze data tied to European data subjects.
How has Udacity been preparing for the GDPR?
What key changes did Udacity make?
Udacity evaluated all new requirements and restrictions imposed by the GDPR and below are the steps taken. We are taking any action necessary to ensure that we handle your personal data in compliance with applicable law. You will receive notifications of changes to our Terms within the Udacity website. As further regulations are published by the EU, we will continue to review our terms.
- Product Changes - Our technology and security teams have worked hard to make changes to the Udacity service to meet the standards of GDPR. Among the new tools, we added a reference to the setting that allows you to control whether you want to share specific content with third parties, we have added features to ensure proper standards for consents and lawful processing, and we will shortly have features for the deletion and potability of your data.
- Age Restrictions - In accordance with GDPR, we have changed the age of consent for the use of our services by European data subjects.
- Our Service Providers - GDPR requires us to ensure our data processors providing sufficient guarantees to implement appropriate technical and organizational privacy measures and we have endeavored to implement such measures throughout our platform. We have likewise undertaken a project with all of our vendors to ensure compliance with those obligations where data is processed by them. Moving forward, we will continue to review all our vendors, finding out about their GDPR plans and arranging similar GDPR-ready data processing agreements with them.
- Our Enterprise Partners - Udacity implements physical, personnel, IT and vendor security practices and policies that are consistent with industry practices and the level of data that is provided and hosted by Udacity.
If you are an Enterprise or Hiring Partner, please contact your account manager if you have any further questions or comments. If you do not yet have a business relationship with Udacity, please drop us a line at firstname.lastname@example.org.
EEA data subjects can contact Udacity’s data protection officer by emailing email@example.com.
DISCLAIMER: This page is provided as a source of general information. It is not and should not be treated as legal advice to any individual user.