The General Data Protection Regulation (GDPR), legislation that extends privacy rights to individuals in the European Union (EU), goes into effect on May 25, 2018. K2 is getting ready for this new legislation and we want to make sure you’re prepared too. Learn more in the FAQ below.

What is GDPR?

GDPR is a regulation that aims to protect the personal data of EU residents. The legislation provides a cohesive set of data protection regulations governing the way in which organizations, including those in non-European countries, can process or collect personal data from EU residents. GDPR’s definition of “personal data” is wide-ranging and covers any information relating to an individual’s public, private or professional life, including name, email address, home or work address, photos, social media posts, and more.

When do the new regulations go into effect?

GDPR was adopted by EU’s governing body in April 2016. Enforcement of all related regulations begins May 25, 2018.

Where will K2 be in regards to GDPR by May 25, 2018?

K2 is working hard to ensure that our cloud-based service, K2 Cloud, is ready to conform to GDPR requirements and assist customers with fulfilling their GDPR data controller requirements. Being ISO27001 certified, we already have a strong and adequate security posture and have assigned a Data Protection Officer (DPO), who is working on procedures related to data discovery, the right to be forgotten, assisting with breach notification or data protection impact assessments (DPIAs) as needed. In addition, the DPO continues to provide transparency with regards to any sub-processing, ensuring that any sub-processors with be governed by a binding contract.

Compliance for K2 Five, our on-premises product, will be the responsibility of each customer since all data processing is handled internally within the customer organization.

How is K2 preparing for GDPR compliance?

K2 takes our customers’ data privacy seriously and welcomes the changes that we believe will provide a more secure experience for all citizens. We are working across all teams at K2 to ensure that we comply with GDPR’s regulations. Our engineering, security and legal teams are working to assess and implement any necessary changes to our products, policies and procedures.

Where can I learn more about GDPR?

You can find more detailed information on the official GDPR website of the European Union.

Who should I contact if I have more questions?

If you have any additional questions about the GDPR, please contact us on or via your local K2 representative.