MASV Complies with GDPR
MASV will always protect your privacy. We will never sell your data.
MASV is the world leader in fast file transfer for massive (20+ GB) files. Whether you’re a solo video editor or a global enterprise, we send large files securely and in compliance with the General Data Protection Regulation (GDPR).
What is GDPR?
EU Regulation 2016/679, commonly referred to as GDPR (General Data Protection Regulation), is the signature regulation for strong data protection for all European Union (EU) nations and residents. GDPR also regulates the export of personally identifiable information (PII) outside the EU’s borders.
MASV is a strong supporter of GDPR, and considers the protection of your data as a fundamental element of our business.
Organizations operating in the EU and/or processing personal data of EU residents must comply with GDPR. Personal data is defined as information relating to an identified or identifiable natural person. <https://gdpr.eu/eu-gdpr-personal-data/>
Terms to know:
- ‘Personal data‘ – information relating to an identified or identifiable natural person.
- ‘Processing‘ – any of operations performed on personal data or on sets of personal data, whether or not by automated means. (For example, this might mean downloaders of content from the the MASV network)
- ‘Controller‘ – means natural or legal persons, public authorities, agencies or other bodies which, alone or jointly with others, determine the purpose and means of processing of personal data. (MASV Customers)
- ‘Processor‘ – natural or legal persons, public authorities, agencies or other bodies which process personal data on behalf of the controller. (MASV)
- ‘Sub-processors‘ – natural or legal persons, public authorities, agencies or bodies other than the data subject, controller, and processor who, under the direct authority of the controller or processor, are authorized to process personal data. (MASV’s technology providers, such as AWS https://aws.amazon.com/compliance/gdpr-center/)
Data transmitted via the MASV service is used to enable our customers to use our service. We also use customer data to respond to customer inquiries, send communications pertaining to our service, and to operate and improve the MASV service.
Data ownership and control
MASV customers and users are the sole owners of their data. In GDPR terms, the customer is the controller of the data and MASV acts as the processor.
In the course of our business, MASV uses a selection of technologies that can be defined as sub-processors, all of whom are compliant with GDPR. MASV maintains a list of sub-processors and data hosting locations for subprocessors. For more information, send an email to [email protected].
Data Processing Addendum
MASV’s Data Processing Addendum (DPA) delivers customers a contractual commitment that MASV is and will continue to be GDPR-compliant. The DPA outlines our guarantee that customers can (1) respond to inquiries from data subjects to access, rectify or delete personal data, and (2) be alerted to personal data breaches and have such breaches reported to relevant supervisory authorities and data subjects in line with GDPR guidelines.
To access the MASV Data Processing Addendum, please email [email protected]
At MASV security is our number one priority. All of our systems are built to secure customer data via physical and network protection that is monitored 24/7/365. MASV encrypts files both in-flight and at rest with strong TLS encryption, allows password protection on all file transfers, and is built on the ultra-secure infrastructure of Amazon Web Services. For more information, please contact us [email protected]
Model Clauses are a set of standard provisions approved by the European Commission to allow European entities to legally transfer personal data outside the EU. Through these clauses, MASV agrees to process an individual’s personal data on behalf of the customer and in compliance with the customer’s instructions.
Please email [email protected] to obtain our Model Clauses.
Data Subject Requests
As outlined in MASV’s DPA, if a data subject exercises their right to access, rectification and/or erasure, we will contact our customer in order to receive the authorization to make the changes. If our customer doesn’t reply within reasonable time, MASV will evaluate, respond, and inform the data subject of the decision and schedule for the action within 30 days (of receipt of the request). Should a MASV customer decide not to take action on the request, the data subject will be informed of the reasons for the decision and the possibility of lodging a complaint with a supervisory authority.
For more information please contact [email protected]