Book a Demo
lawyal
Book a Demo

Product Security

Lawyal is compliant with the highest international privacy and data regulations, including GDPR and ISO 27001.

ISO/IEC 27001
GSPR Compliance

What is ISO 27001?

ISO 27001 is an international standard for information security management systems (ISMS), and an organized approach to maintaining the confidentiality, integrity and availability (CIA) of an organization’s data.  It offers protection of information assets from malicious actors and provides the differentiating factor that gives your organization an edge over its competitors. 

What is GDPR?

The General Data Protection Regulation (GDPR) is a unified data protection law that came into effect on May 25, 2018 in the EU, replacing the European Data Protection Directive 95/46/EC.

The law enhances the protection of personal data of EU individuals and gives them more control over its use within and outside the EU.  In addition, the GDPR seeks to unify the regulatory environment of businesses that handle the personal data of EU individuals.

Who does GDPR affect?

GDPR applies to all businesses that process personal data of EU residents. Businesses can be defined as either data controllers or data processors: data controllers collect and oversee the management of personal data, and data processors process personal data on behalf of data controllers.

GDPR has expanded the definition of “personal data” to include categories of information such as location data, online identifiers (such as an IP address), and other electronic metadata that were not included in previous data protection laws pertaining to the EU. Failure to protect the personal data of EU individuals in accordance with GDPR rules may result in significant fines.

How does Lawyal address GDPR?

We believe that GDPR compliance is important to ensure the rights of individuals and enable them control over their personal information. We are committed to supporting our customers by meeting GDPR requirements; therefore, we have updated our product and business operations in compliance with GDPR guidelines. We comply with GDPR requirements in our capacity as both data controllers and data processors.