What is GDPR and how it impacts the LMS?

The abbreviation GDPR stands for General Data Protection Regulation and refers to the data protection for all individuals within the European Union. This new law applies to all companies that store and process data from users located in the EU. It has been valid from May 25th of 2018.

The law has the purpose of setting parameters to guarantee the safety of user's data and increase the rights of personal privacy in all electronic matters. It is important to know about the regulations given worldwide about data management both for those who control or process the information.

Not being GDPR compliant may cause fines up to 20 million EUR or 4% of the company’s annual profit.

As an LMS user, you're learning activities could be impacted if any of your students, users, employees or customers are located in the EU. For that reason, all the data that is stored within the LMS needs to be compliant with this regulation.

How Paradiso works to comply
with the LMS GDPR Regulation?

In order to guarantee GDPR compliance, companies must not only focus on the technological part, but also on data knowledge and business activities information handling. Paradiso Learning Management System complies with the essential requirements that GDPR asks for, such as:

  • Terms and Conditions: this feature allows us to set the list of legal requirements that users must accept to be able to use the LMS Platform. Terms and Conditions must be located on an external webpage.
  • Onboarding of new users: including age and location, checking to identify minors, versioning of privacy policies and the tracking of user consents.
  • Data use authorization: allows users to choose whether their information will be used on System reports or not.

  • Download user information: To be GDPR compliant, Paradiso LMS Platform allows users to download their information in CSV format. Profile, Courses and Logs information can be downloaded.
  • Policies report: Privacy report allows administrators to have knowledge about who has accepted terms and conditions, who has “Data Use authorization” enabled or disabled and user’s age and location.
  • Request permanent data deletion: Paradiso LMS allows the user to request permanent data deletion, this includes all kinds of information related to the user.

Speak to one of our Experienced e-Learning Consultants

Where are our servers located and are they compliant with GDPR?

We can refer to this document in order to determine and explain where we have our servers: https://aws.amazon.com/about-aws/global-infrastructure/; for any specific instance, please contact our Engineering team, and they will indicate where a specific instance is.

How Do we store data?

We use a variety of services like EBS, S3 and EFS, every service is used depending on the client’s specific use case. All our client’s data is stored in secure and encrypted storage services.

Privacy & Cookies Policy