top of page

GDPR compliance

Kolob iCompass GDPR compliance commitment

Kolob iCompass is committed to compliance with the European Union’s General Data Protection Regulation (GDPR), effective May 25, 2018. Although the law governs our relationship with only our European users, our response to it includes changes to our policies effective for all users of our services and visitors to our site. Kolob iCompass has made the GDPR a priority and we are fully aligned with the regulation’s intended result: the protection of user privacy and personal data.

What we’re doing to ensure GDPR compliance

Kolob iCompass has dedicated significant resources to reviewing our existing processes, agreements with third-party vendors, and IT security policies for GDPR. Below are examples of company-wide initiatives Kolob iCompass has undertaken in order to abide by the new regulation:

  1. We maintain records of processing activities of all types of personal information the company holds.

  2. We updated our privacy policy to outline all processes related to personal data.

  3. Privacy policy now includes a lawful basis to explain why the company needs to process personal information and is written in clear and understandable terms.

  4. When processing personal data, we follow the security and privacy measures required under GDPR.

  5. Kolob iCompass staff who access and process personal data have been trained in handling data and maintaining the confidentiality and security of that data.

  6. Only essential staff access and process customer data, and only when necessary to provide services.

  7. We hold our vendors who handle personal data to the same data management, security, and privacy practices to which we hold ourselves.

  8. When we update your privacy policy, we inform existing customers.

  9. In the event of a personal data breach involving personal data, we will promptly notify regulators and end users involved.

  10. We regularly review policies for changes, effectiveness, changes in the handling of data as required by the GDPR.

  11. We only transfer data outside of the EU to countries that offer an appropriate level of protection.
     

GDPR Q&A

Does Kolob iCompass process customer personal data?
Yes. Kolob iCompass processes customer personal data only as needed to provide products, services, and customer support as identified in our Privacy Policy.

Kolob iCompass does not collect personally identifiable information (PII) for marketing purposes without customers’ consent, and customers may revoke consent at any time by following Unsubscribe link included in every email (Kolob iCompass marketing includes an email campaign and an email newsletter.) Furthermore, Kolob iCompass has never sold PII to third parties and is committed to continuing this as a core business practice.

What data does Kolob iCompass process?
Kolob iCompass AI algorithm uses user journal data to deliver personalized scripture. Processed journal data has no identifiable user PII. IP addresses may also be gathered in server logs but are not matched to other PII.


Where does Kolob iCompass process and store data?
The Ball iCompass processes customer data on Amazon Web Services (AWS) servers located exclusively in the US. Our third-party data center meets security regulations and standards with industry-leading physical and environmental controls. Our applications benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations.

Third-Party Subprocessors 
Kolob iCompass uses some cloud-based applications as a part of its infrastructure. Customer data may be stored in these applications at various times. Information on third-party subprocessors are listed in the Kolob iCompass privacy policy.


More Resources

GDPR Resources 

bottom of page