At Fast, we take data protection and privacy seriously and are committed to complying with applicable data protection and privacy laws with respect to the processing of personal data, including the EU General Data Protection Regulation (the “GDPR”), the California Consumer Privacy Act (the “CCPA”), and other applicable regulations. Below we describe several of the programmatic steps we’ve taken to protect personal data.
Training and Awareness
We train staff who access and process personal data to handle data consistent with our legal requirements and internal policies, including maintaining the confidentiality and security of that data.
Privacy Impact Assessments
Through our partner risk assessment program, Fast performs a security and privacy impact assessment for all new technologies and services prior to deployment.
Privacy by Design
Fast has implemented Privacy by Design (PbD) and Security by Design (SbD) processes to review the new or enhanced products and address any privacy issues prior to the product launch.
Data Management Practice
Fast commits to using appropriate data transfer mechanisms when transferring data outside of the EU.
Data Security Controls
Fast has implemented stringent security measures around personal data and appropriate administrative, technical, physical, and organizational safeguards to protect the confidentiality, integrity, and availability of personal data entrusted to us for processing.
Data Subject Access Request (DSAR) Process
Fast has implemented a process to intake and respond to the data subject access, rectification, erasure request to meet required regulatory requirements.