by chmars 2186 days ago
That sounds great, however, 'just launched' doesn't sound too promising.

In addition, I'm not sure whether you are GDPR-compliant as claimed at https://jumpcloud.com/gdpr. Where's your Privacy Shield certification and who's your EU representative according to art. 27 GDPR?

2 comments

> That sounds great, however, 'just launched' doesn't sound too promising.

Just launched, as it's been out for months, and working very well. And we've been at the forefront of remotely managing Mac systems for years prior to this, we just anticipate that Macs will continue to be locked down in a way that will remove the ability for management software to continue to do its job if it isn't tightly integrated with MDM.

> Where's your Privacy Shield certification

https://jumpcloud.com/blog/jumpcloud-supports-eu-data-protec...

> who's your EU representative according to art. 27 GDPR

I'm not sure about the specifics of our GDPR compliance, just being an engineer on a portion of the product that isn't in the backend, but can look into it and get back to you if you like. If you'd prefer to go through our main channels without an account, sales@jumpcloud.com answers these questions.

Edit: It's unfortunate you're being downvoted for asking totally valid questions. I upvoted you to try and counteract it a bit.

The blog is problematic. It came out pre-GDPR and doesn't reference GDPR.

It also has incorrect statements: "A simple attestation by the company along with referencing Privacy Shield creates compliance": No, really it does not.

So yes, would advise you to get a real DPO and Art 27 Rep in. They aren't expensive and with CCPA present now too, will likely be a good investment.

The blog post is more an explanation about why we went to the EU Model Clause structure rather than Privacy Shield, and less a real explanation of Privacy Shield.

Our DPO can be reached at dpo@jumpcloud.com as is listed in our GDPR documentation above.

And (and to be clear this is me speaking, not the company, we've got a lot of brouhaha going on with WWDC, etc), but my understanding is that you don't need an Art 27 Rep if you have a physical presence in the EU and specify have a contactable DPO.

Privacy shield is an ALTERNATIVE method of to GDPR compliance for legal controls (other alternatives are SCCs/BCRs etc). US companies can either do Privacy Shield or implement GDPR themselves.

You are correct on their lack of an Art 27 Rep however.