Personal consumer data is protected under European Union directives which prohibits the transfer of this data outside of the EU.
The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) is a European Union directive adopted in 1995 which regulates the processing of personal data within the European Union.
Personal data are defined as "any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;"
The purpose of the Versata EU Personal Data Protection Team (EU PDP Team) is to ensure compliance with the EU Data Protection Directive and prevent transmission of personal data outside of the EU. Versata is committed to protecting customer’s and their end users data. Because Versata routinely uses offshore entities and systems to perform customer obligations, we have developed a data protection control policy to ensure compliance with data protection regulations. Part of this control policy is a routine review of support tickets for personal data. Any personal data found will be promptly removed from the support ticket.
If files containing personal data are needed to troubleshoot an issue, EU based customers will be provided with access to upload files to our SFTP server that is located in the EU to ensure compliance with the Data Protection Directive.
All customers identified as located in the EU who may store personal data within their system, such that it could be unintentionally exposed to our support team, will be subject to these reviews. For any questions regarding our EU Data Security processes, please submit a ticket to support.