Our software and Knowllence are GDPR compliant!
Since May 25, 2018, the General Data Protection Regulation (GDPR) has been in effect across all European Union Member States, giving individuals greater control over their personal data.
At Knowllence, we take this responsibility seriously. Professionally, GDPR guides us to collect only the personal data that is strictly necessary, to obtain and securely store consent, and to enhance the protection and management of all data we handle. The regulation strengthens the right to be forgotten and ensures individuals are notified in case of a data breach.
As a software publisher that may process personal and sensitive data, Knowllence has proactively initiated its GDPR compliance journey, reinforcing our commitment to data privacy and security for all our clients and users: View Knowllence’s GDPR Commitments
We act as a data processor for certain aspects of your data processing. As such, we are committed to meeting specific obligations regarding confidentiality, security, and documentation of our processes.
This article is part of our broader commitment to advising and informing our clients and prospects about data protection and GDPR compliance.
GDPR Compliance of Robust Engineering / Manufacturing Software
In our software solutions dedicated to Design and Manufacturing Quality (modules Need, Structure, FMEA, RM14971, HACCP), we handle only non-sensitive personal and professional data (such as name, first name, professional email address, and phone number) to provide user access and manage individual actions within the software.
If you are using a customized version tailored to your specific needs, we remain available to help you verify whether any additional sensitive data is being processed, as each organization (company, public body, or association) is also responsible for ensuring its own GDPR compliance.
Robust Engineering Software — Overview
Robust Manufacturing Software — Process FMEA Overview
GDPR Compliance of TDC Sécurité
In our software solutions dedicated to Health, Safety, and Environmental Risk Management, we may handle some sensitive personal, depending on the chosen module.
Health, Safety, and HR departments are especially affected by these requirements:
- Managing workplace accidents involves handling health data and social security numbers (NIR), which are considered sensitive data under the GDPR.
- Managing employee exposure to hardship factors, as well as training and certification records, requires the processing of non-sensitive personal and professional information such as name, surname, date of birth, and employee ID number.
- Prevention plans also involve collecting non-sensitive personal and professional information (name, surname, phone number) from external service providers, who must be informed about how their data is processed.
- Furthermore, subcontractors and business partners become jointly responsible for the processing of personal data. Therefore, data protection commitments and procedures in the event of a data breach must be clearly defined and communicated.
Depending on the modules purchased, the TDC Sécurité software may handle either sensitive or non-sensitive personnel data. The modules related to the Employee View — namely Workplace Accidents, Occupational Hardship, and Training and Certifications — are the only ones that process sensitive data. All other modules handle only non-sensitive personal and professional information (such as name, first name, professional email address, and phone number) in order to manage subcontractors, grant software access, and track individual actions within the system.
TDC Sécurité — Occupational Risk Assessment Software Overview
Medical Device Software and GDPR Compliance
The Medical Device software does not process any patient data. We handle only non-sensitive personal and professional information (such as name, first name, professional email address, and phone number) to provide software access and manage individual actions within the system.
The medical device sector is especially impacted, for instance:
- Consent must be reinforced and retained for patient tests prior to market release.
- Test databases and post-market feedback management must comply with the principle of Privacy by Design: software or systems should be designed to process only the strictly necessary personal data and ensure its protection, for example through pseudonymization, anonymization, or data encryption.
- All connected devices and their associated IT systems are directly affected.
- Subcontractors and business partners become jointly responsible for processing this personal data, so commitments and procedures in the event of a data breach must be clearly defined.
Medical Device Software: Features and Description
Knowllence is fully committed to GDPR compliance in its role as a data processor.