.privacy-list-item > li

General Data Protection Regulation (GDPR)

General Data Protection Regulation Overview

The General Data Protection Regulation (EU) 2016/679 (also known as the GDPR) is a new data protection law adopted by the European Union (EU) set to replace the existing Data Protection Directive 95/46/EC and designed to strengthen data protection for all individuals within the EU and harmonize data protection and privacy laws for companies doing business in Europe. The GDPR was adopted on April 27, 2016 and went into full effect in May 2018. GDPR:

      • Strengthens the protection of personal data in light of rapid technological developments, increased globalization, and more complex international flows of personal data.
      • Expands the rights of EU data subjects and creates new rights.
      • Seeks to replace the existing patchwork of national data protection laws with a single set of rules, directly enforceable in each EU member state.
      • Reaches beyond Europe, as it applies to any entity that processes personal data tied to offering goods or services to, or monitoring behavior of, individuals in the EU, regardless of where the data is processed or stored.

Both data controllers and data processors are liable for violations, which can result in steep fines of up to €20 million or 4% of global annual revenues, whichever is higher.

The full text of the GDPR can be found here. For more information, please visit the EU Commission’s GDPR website at this link.

The GDPR’s implementation date is approaching quickly, and significant effort is required from both data controllers and data processors in order to ensure compliance.

What Continuum Has Done to Comply With GDPR

Continuum is has taken steps to align business practices, processes and policies with the GDPR’s data protection obligations to help us and our customers meet compliance before the GDPR’s implementation date.

Continuum is also certified to the EU-US Privacy Shield, which ensures that we can transfer personal data outside the EU in compliance with the GDPR’s data transfer requirements. You can see our certification on the U.S. Department of Commerce’s Privacy Shield website at this link. We have also invested considerable time and resources to ensure GDPR compliance across all of our products and services when GDPR takes effect. These investments included a comprehensive review of all our business relationships, products, services, and data handling practices, including but not limited to the following:

      • The creation of Data Privacy Impact Assessment (DPIA) and Data Flow Diagrams for the data in our products and services
      • The review and updating of contractual agreements and renegotiate terms as necessary to align with the GDPR
      • The review and updating of corporate privacy policies and privacy notices
      • The review and updating data-driven products and services
      • The preparation of a strengthened incident response process to ensure compliance with the GDPR’s data breach reporting obligations

Additional information about Continuum’s data collection policies and GDPR compliance efforts is available below.

Data Collection and Usage Overview

Continuum processes personal data collected through Continuum services and our website to provide the greatest possible service to users and customers, deliver positive web experiences and operate our business. Personal data is generally collected in the following forms: personal contact information, device-related information, web-based cookies or similar technologies, and commercially available information.

In particular, Continuum collects both personal contact and company information via our website continuum.net, including first and last name, address, and email address. In addition, if users choose to communicate with us via a web form, email or by telephone, we may retain the content of those communications together with email addresses or phone numbers and our responses. We use the information we collect, including personal data, to respond to any requests or queries directed at us, to provide customers with products or services, including technical support, to manage our relationship with our customers, for direct marketing purposes, internal and service-related efforts, and anonymous analysis and aggregation activities.

Information is also collected on our website via cookies, which can be used to further enhance web experiences and respond to requests for information. Additional information about cookie usage is available here.

We do not rent, sell, or share Personal Data collected through our services or Continuum websites with other people or nonaffiliated companies for their direct marketing purposes.

More information about our collection and usage of personal data is available in our Privacy Policy.

Right to Be Forgotten

When you visit Continuum’s website (https://www.continuum.net), enter your data in a form and provide your consent, Continuum will store that data to facilitate communication between you and Continuum. In all marketing communications, you have the option to stop receiving e-mail from Continuum by clicking the unsubscribe or manage preferences link at the bottom of the email—this will remove you from any future Continuum marketing communications, but will not remove your information from our database. To remove information from our database, you must send an email request to privacy@continuum.net with REMOVE MY DATA in the subject line and the following details in the body of the message:

  • First Name
  • Last Name
  • Email
  • Phone Number (if you initially entered it in the form)

Continuum will work to ascertain the validity of the request; our assumption is that the you have maintained control of your e-mail account and that the request is sent in good faith. A member of Continuum’s team will check the information you provided against the records in our database. If the information matches, we will reply and confirm that we are going to delete your records within 30 days. After that reply, you will receive no further communication from Continuum.

Please keep in mind that we will have no way to contact you after we delete the original e-mail. You must either contact Continuum directly or re-enter your information into a form on our website at https://www.continuum.net in order to be added back into our systems.

GPDR Impact for Website Visitors

To ensure GDPR compliance by its implementation date, Continuum has taken steps to optimize our web properties in the following areas:

      • Consent – We have enhanced the user experience across our web properties to ensure we are protecting the rights of data subjects in the EU by obtaining consent prior to the collection of personal data where required by law.
      • Vendor Compliance – We have worked with each of our third-party vendors to ensure their compliance with GDPR.
      • Transparency – We have reviewed and updated our policies to ensure that they meet the GDPR’s enhanced transparency requirements.

GDPR Impact for Continuum Partners

Continuum handles personal data of both Continuum’ partners, which may include a name, company name (to the extent it identifies an individual), address, and email address, and potentially our partner’s end-customers. We use the information we collect, including personal data, to respond to any request or query directed to us, to provide users with our products and Services and to manage our relationship with partners.

GDPR Impact for Continuum Employees

Continuum handles personal data of employees, which may include a name, address, and email address, date of birth and tax or government ID. We use the information we collect, including personal data, for tax, payroll, insurance, and other purposes related to managing benefits and communicating with employees. In addition, Continuum’s HR teams share personal data with third-party benefit providers for the purpose of extending corporate benefits to our employees and their families.