Introducing Dynamic Data Protection: The next generation of security.

Our Blog

Forcepoint's unwavering commitment to data privacy, protection, and compliance

Share

Thursday, May 24, 2018

Many organizations have legitimate questions about their data, Privacy Shield, GDPR and the ever-evolving data protection landscape. To this end, we want to demonstrate our commitment to privacy and data protection by outlining the measures we have taken and the way we conduct business within Forcepoint.

To start with, we want to make sure that our customers understand how and why their data is collected and used, and we want to ensure that you have the information you need to make the choices that are right for you across our products and services. Our privacy policy explains how Forcepoint collects, uses, discloses and transfers the personal information you provide to us or we collect when you:

  • Use our website
  • Do business with Forcepoint
  • Use Forcepoint human-centric security products and services

Forcepoint and GDPR

The General Data Protection Regulation (GDPR) (EU) 2016/679, now in effect, is a comprehensive regulation in EU law on data protection and privacy that unifies data protection for all individuals within the European Union. The regulation requires organizations to implement reasonable data protection measures to protect the personal data of all EU persons.

Forcepoint’s Data Processing Agreement (DPA) is available here on Forcepoint’s website. It incorporates the EU Model Clauses / Standard Contractual Clauses (SCCs). Our DPA outlines how we process customers’ personal data and the best in class security measures we use commensurate with the context and the personal data. 

Forcepoint and Privacy Shield

Privacy Shield is an agreement between the EU and U.S. allowing for the transfer of personal data from the EU to the U.S. Privacy Shield is a program whereby participating companies commit to compliance with privacy principles that assure transfers of personal data information to meet the requirements of GDPR.  

We are delighted that Forcepoint is Privacy Shield-certified. Customers can refer to the Privacy Shield list of companies on the Privacy Shield website for confirmation of our certification. 

Forcepoint and ISO

Finally, Forcepoint is proud to have and maintain various ISO and other security certifications for its SaaS and cloud product offerings. For example, Forcepoint is ISO 27001 and ISO 27018 certified. ISO 27001 provides a set of standardized requirements for an Information Security Management System (ISMS). The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining and improving your ISMS. ISO 27018 is a code of practice to establish a uniform international approach for protection of personally identifiable information (PII) stored in the cloud by data processors. As part of the certification process for ISO/IEC/27001 and ISO/IEC/27018, accredited certification bodies independently verify that Forcepoint has incorporated ISO/IEC/27001 and ISO/IEC/27018 controls. Forcepoint also participates in the Cloud Security Alliance (CSA) STAR Registry program, which allows customers to compare the compliance posture of participating cloud services.

Our Continuing Promise

On the rest of our website, you’ll find links to more information so that you can be fully informed about our products and services, thereby enabling you to make the right decisions for your company. And you can learn more about Forcepoint's commitment to privacy on our Privacy Hub.

We’re constantly working to update and improve our best-in-class compliance measures, so if you notice something in our products or services that doesn’t work the way you’d expect when it comes to protection of personal data, please email privacy@forcepoint.com and we’ll be happy to address your query.

Tags GDPR

About the Author

John D. Holmes

John D. Holmes

General Counsel and Corporate Secretary

John D. Holmes is general counsel and corporate secretary for Forcepoint. John is responsible for the company’s legal and regulatory affairs, ethics and compliance programs.