You, TutorFirst, And The
General Data Protection Regulation
(GDPR)
The General Data Protection Regulation (GDPR) is an EU regulation that expands the protection of personal data of EU citizens. In doing so, it also expands the obligations of organizations who collect or process that data. The goals of the GDPR are to increase transparency and fairness in the handling of individuals’ personal information. Personal data is any information relating to an identifiable individual.
Enforcement of the GDPR starts on May 25, 2018. The Regulation can be viewed here. All organizations need to be aware of their responsibilities and ensure that they are compliant with GDPR by May 25, 2018.
Does the GDPR apply to me?
The GDPR applies to any organization that is organized in the EU and any organization that processes personal data of EU citizens.
Organizations are classified as processors or controllers of personal data. Organizations that determine the purpose of the storage or processing of personal information are considered controllers. Organizations that store or process personal data on behalf of another organization are considered processors.
When it comes to the personal information I enter into TutorFirst, is my organization a controller or a processor?
Because you control and manage the data you enter into TutorFirst, you are the controller for that data. You decide how that data is used, how long to keep it, how often to update it, etc.
What is TutorFirst’s role?
TutorFirst is the Processor. TutorFirst processes the personal data you manage in our systems. We store the data for you and process it per your actions in our applications.
Will TutorFirst be compliant with the GDPR by May 25, 2018?
Yes. Please review our updated Terms of Service and Privacy Policy, which will apply to you on and after May 25, 2018.
The information above is provided to help you understand TutorFirst’s role as processor of your data, the rights of your users, and the responsibilities you hold as a controller of their data. It is not comprehensive and is not legal advice. You should speak to legal counsel regarding the GDPR and how it affects your organization.
Thank you for your continued support and we look forward to being part of your business in the future.