GDPR stands for General Data Protection Regulation (GDPR). It is a privacy and data protection law passed by European Union (EU) and is in effect since May 25, 2018. The law has set a new framework for handling and protecting the personal data of EU-based residents. The law will provide the citizens of the EU a greater control over their personal data and assures them that their information is protected.

GDPR includes a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some typical examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.

iMediaBay (a division of iOPEX Technologies) – GDPR Compliance

The GDPR is not just applicable to EU-based businesses and EU residents. It is very much relevant to any company that deals customer data operating company.

We at iMediaBay, believe that our customers’ data is very much important no matter where they are located. Hence, few preventive controls have been put in place based on GDPR Compliance as our baseline standard for all our Business operations.

Steps taken in Implementing GDPR

  1. We have raised awareness across the organization through frequent discussions in our internal channels and trained our employees to handle data appropriately. They now understand the importance of information security and the high standards set by GDPR.
  2. We have assessed our product against the requirements of the GDPR and are implementing new features that will give you more control over your data and ease your burden of achieving GDPR compliance.
  3. We have put together a personal data inventory that includes all the roles that we assume, such as a data controller and processor. This includes various categories of personal data processed by our product and helped us to determine which department is getting access to which data and for what purpose.
  4. We are assessing our sub-processors (third party service providers, partners) and streamlining the contract process with them to ensure they address the pressing needs of the current security and privacy world.
  5. We are constantly in the process of earning additional security certifications and data privacy seals. We are also documenting our processes and procedures, down to the tiniest details of what we do.
  6. Our application teams have embraced the concept of privacy by design and are working to provide you more control over the data you store in our systems.
  7. We have amended our Data Processing Addendum (based on Model Contractual Clauses) to be
  8. We conducted Data Protection Impact Assessments (DPIA). Based on the results, we are putting in place appropriate controls on data processing and management.
  9. We conducted internal audits of our product, processes, operations, and management. The findings were communicated to our teams, who are working to solve any remaining problems.
  10. Based on the DPIAs and internal audits, we have improved our data security methods and processes. This includes encrypting data at rest, based on the level of sensitivity and likelihood of risks. We are also developing our own tools for better data governance and data discovery.
  11. We are cleaning up our databases to ensure that we have only the latest and most accurate information. This cleanup process includes removing terminated and dormant accounts as per our Terms of Service.
  12. Marketing – We have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing sign-in and subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.
  13. Automatic Information: We receive and store certain types of information whenever you interact with us. For example, like many Web sites, we use "cookies," and we obtain certain types of information when your Web browser accesses or advertisements and other content served by or on behalf of on other Web sites
  14. E-mail Communications: To help us make e-mails more useful and interesting, we often receive a confirmation when you open e-mail from if your computer supports such capabilities. We also compare our customer list to lists received from other companies, in an effort to avoid sending unnecessary messages to our customers. If you do not want to receive e-mail or other mail from us, please clicks unsubscribe us on the email footer.
  15. Information from Other Sources: We might receive information about you from other sources and add it to our account information.
  16. We have revised our Privacy Policy to incorporate the requirements of the applicable privacy laws based on our data inventory, data flows, and data handling practices.

To know more about GDPR, Visit